Businesses Associated With Hospitals Could Face HIPAA Audits

HIPAA regulations have been broadened to cover associates of healthcare companies, a move that impacts many businesses.

HIPAA regulations must now be met by many businesses associated with healthcare companies after a 2013 amendment that greatly increased the number of businesses influenced by the law.

The Health Insurance Portability and Accountability Act, or HIPAA, has long subjected health insurance companies to audits ensuring compliance of national standards in privacy of protected health information, security of protected health information and breach notification to consumers, according to the Department of Health and Human Services website. 

But now many businesses must meet these national standards. The Tennessean reports that “if you or your organization creates, receives or transmits protected health information required for you to perform services, you may be required to protect that information in the same way that a health provider would.”

Protected health information, or PHI, is considered any medical record or bill that could be used to identify a patient, and any business that prints, copies or stores PHI at their facility is at risk of an audit to ensure compliance with the HIPAA. Companies should understand their obligations under the HIPAA to avoid fines that the Tennessean reported could be hundreds of thousands of dollars.

The Department of Health and Human Services’ Office for Civil Rights (HHS OCR) enforces the HIPAA rules with audits that monitor the processes, controls and policies of selected companies. The OCR then writes a report to determine “what types of corrective actions are most effective.”

HIPAA requires healthcare companies and their business associates clearly define responsibilities with a formal agreement, and the Tennessean suggests that businesses refine their agreement. Business associates might also perform an

HIPAA compliance will be the OCR’s “main priority this year,” and HHS reports that the audits will select “as wide a range of types and sizes of covered entities as possible,” so everyone is eligible.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo