OCR Releases Report Summarizing HIPAA Privacy and Security Compliance Failures
Joseph J. Lazzarotti and Maya Atrakchi of JacksonLewis write:
In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new year. The Report examines OCR’s findings from HIPAA audits the agency conducted during 2016-2017 of 166 healthcare providers and 41 business associates. The audits were intended to examine mechanisms for compliance, identify promising practices for protecting the privacy and security for health information, and discover vulnerabilities that may be have been overlooked by OCR enforcement activity. It is the OCR’s hope that insights from the Report will enhance industry awareness of compliance obligations and assist the OCR in developing tools and guidance to assist industry compliance, self-evaluation, and prevent data breaches.
Read more on Workplace Privacy, Data Management & Security Report.