Friday, February 12, 2010

Enforcement OF HIPAA

HITECH called for "periodic audits" to ensure HIPAA compliance, but as of today the Office of Civil Rights has not created a calendar of when those periodic audits will take place.
Sue McAndrew, the deputy director for Health Information Privacy for OCR, said at the 18th Annual National HIPAA Summit Thursday that OCR is working with a HIPAA privacy and security expert to help the organization "map out essentially the range of options that we have and what would be the most effective."
OCR is considering its budgetary means as well as the most effective method. "There are 1,000 ways to do this," McAndrew said.

http://www.healthleadersmedia.com/page-1/TEC-246089/OCR-Leader-No-HIPAA-Enforcement-Schedule-Yet
MIAOULIS NOTE: This tells me that Audits are still a ways off, this in effect has minimized the perception the HITECH/HIPAA risks.

No comments: