HIPAA fines and audits

HIPAA auditsThe Office for Civil Rights (OCR) announced that they will increase the frequency of their audits and prosecutions as it regards to HIPAA.  The exact words regarding this topic were that the crackdown on HIPAA violations over the past year will “pale in comparison” to the next 12 months.

Jerome B. Meites, OCR chief regional counsel for the Chicago area, said that OCR still has to decide which organizations it will select for an audit from a list of 1,200 candidates–800 healthcare providers, health plans or clearinghouses–and 400 of their business associates. We believe that many of the future audits will be paper audits with OCR requesting a number of documents to ensure compliance requirements.  In addition to these paper audits we expect to see a significant number of fines and settlements based on “breaches” in the field. Let’s be clear, the Government wants to send a clear message that non-compliance will not be tolerated and they are using fines to spell out their message.  So far the record was set last May with a $4.8 million fine to New York-Presbyterian Hospital and Columbia University. In other words:

  1. More audits are expected;
  2. More audits will result in a revenue increase based on settlements and fines;
  3. Revenue increases will allow OCR to grow and increase their audits;
  4. Business Associates beware!!