Menu
Hospital Security

Businesses Associated With Hospitals Could Face HIPAA Audits

HIPAA regulations have been broadened to cover associates of healthcare companies, a move that impacts many businesses.

Businesses Associated With Hospitals Could Face HIPAA Audits

OSHA's latest report found that in 2013, the number of assaults involving days away from work were as many as 12 times greater in healthcare and social assistance facilities than in the private sector as a whole.

HIPAA regulations must now be met by many businesses associated with healthcare companies after a 2013 amendment that greatly increased the number of businesses influenced by the law.

The Health Insurance Portability and Accountability Act, or HIPAA, has long subjected health insurance companies to audits ensuring compliance of national standards in privacy of protected health information, security of protected health information and breach notification to consumers, according to the Department of Health and Human Services website. 

But now many businesses must meet these national standards. The Tennessean reports that “if you or your organization creates, receives or transmits protected health information required for you to perform services, you may be required to protect that information in the same way that a health provider would.”

Protected health information, or PHI, is considered any medical record or bill that could be used to identify a patient, and any business that prints, copies or stores PHI at their facility is at risk of an audit to ensure compliance with the HIPAA. Companies should understand their obligations under the HIPAA to avoid fines that the Tennessean reported could be hundreds of thousands of dollars.

The Department of Health and Human Services’ Office for Civil Rights (HHS OCR) enforces the HIPAA rules with audits that monitor the processes, controls and policies of selected companies. The OCR then writes a report to determine “what types of corrective actions are most effective.”

HIPAA requires healthcare companies and their business associates clearly define responsibilities with a formal agreement, and the Tennessean suggests that businesses refine their agreement. Business associates might also perform an

HIPAA compliance will be the OCR’s “main priority this year,” and HHS reports that the audits will select “as wide a range of types and sizes of covered entities as possible,” so everyone is eligible.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Tagged with: Access Control HITECH Privacy Regulations

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo

Recommended For You

Student and Staff Safety: Addressing the Significant Rise in Mental Health Needs and Violence
Student and Staff Safety: Addressing the Significant Rise in Mental Health Needs and Violence

In this webinar, attendees will learn the observable behaviors people exhibit as they head down a path of violence so we can help prevent the preventable.

Beyond Threat Assessment: Managing Threats with Appropriate Follow-up, Monitoring & Training
Beyond Threat Assessment: Managing Threats with Appropriate Follow-up, Monitoring & Training

This discussion will help participants analyze, understand, and assess their own program effectiveness.

Latest Quizzes

How Should These Clery Act Crimes Be Classified in Your ASR?
Mental Health in America: Test Your Awareness with This Quiz
Test Your Hospital Safety and Security Knowledge with These 9 Questions