Business Associates (“BA’s”) may be audited, in addition to covered entities, in 2012 audits by the Office for Civil Rights (“OCR”). OCR has a three step audit program in progress. If the initial program “goes well” (whatever that means), then OCR will implement a full range of onsite audits and an evaluation process. BA’s come into contact with significant amounts of protected health information. Because approximately 20% of HIPAA breaches involve BA’s, consideration is being given to including BA’s as audit targets.
© 2011 Parsonage Vandenack Williams LLC
For more information, contact info@pvwlaw.com