Businesses Associated With Hospitals Could Face HIPAA Audits

HIPAA regulations have been broadened to cover associates of healthcare companies, a move that impacts many businesses.
Published: February 25, 2015

HIPAA regulations must now be met by many businesses associated with healthcare companies after a 2013 amendment that greatly increased the number of businesses influenced by the law.

The Health Insurance Portability and Accountability Act, or HIPAA, has long subjected health insurance companies to audits ensuring compliance of national standards in privacy of protected health information, security of protected health information and breach notification to consumers, according to the Department of Health and Human Services website. 

But now many businesses must meet these national standards. The Tennessean reports that “if you or your organization creates, receives or transmits protected health information required for you to perform services, you may be required to protect that information in the same way that a health provider would.”

Protected health information, or PHI, is considered any medical record or bill that could be used to identify a patient, and any business that prints, copies or stores PHI at their facility is at risk of an audit to ensure compliance with the HIPAA. Companies should understand their obligations under the HIPAA to avoid fines that the Tennessean reported could be hundreds of thousands of dollars.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

The Department of Health and Human Services’ Office for Civil Rights (HHS OCR) enforces the HIPAA rules with audits that monitor the processes, controls and policies of selected companies. The OCR then writes a report to determine “what types of corrective actions are most effective.”

HIPAA requires healthcare companies and their business associates clearly define responsibilities with a formal agreement, and the Tennessean suggests that businesses refine their agreement. Business associates might also perform an

HIPAA compliance will be the OCR’s “main priority this year,” and HHS reports that the audits will select “as wide a range of types and sizes of covered entities as possible,” so everyone is eligible.

Posted in: News

ADVERTISEMENT
ADVERTISEMENT
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series