Up to 150 entities, including ASCs, will be audited during the initial phase of the program, scheduled to run between Nov. 2011 and Dec. 2012. The audit will assess compliance with the HIPAA Privacy and Security Rules and Breach Notification standards.
OCR will use the audit program to assess HIPAA compliance efforts, examine mechanisms for compliance, identify best practices and discover risks and vulnerabilities that may not have come to light through OCR's ongoing complaint investigations and compliance reviews.
If OCR identifies an organization demonstrating significant compliance issues, it may undertake a further compliance review to address these issues, according to the report
Learn more about the HIPAA audit program by visiting the OCR website.
Learn more about ASCA.
More Articles Featuring ASCA: