4

Shares

OCR deputy: Have policies in place to avoid a HIPAA compliance review

Shared by Radhika Narayanan | 2 2 0 | about 2 months ago

Dont let that audit turn into a deeper investigation, Deven McGraw said at the Allscripts user conference in Chicago.CHICAGO — Almost every breach case that Health and Human Services investigates begins with a hospital having failed to perform a risk analysis, according to Deven McGraw, deputy director for health information privacy for the HHS Office for Civil Rights. Then it follows that they failed to manage and identify risk or, in many instances, conducted a risk analysis indicating what needs to be done, but then that just sits on a shelf gathering dust.We come in and youre not under suspicion of anything wrong, just show us all your policies and procedures so we can give you a report card of where you are from a compliance standpoint, McGraw said at the Allscripts user conference in Chicago on Wednesday. Its not intended to be punitive. But an audit can turn into a compliance review, the more robust enforcement pathway, if we see something in the audit that raises significant concern.

Read More On www.healthcareitnews.com

Categories Privacy

Related Post

Links

http://www.healthcareitnews.com/news/ocr-deputy-have-policies-place-avoid-hipaa-compliance-review
http://bit.ly/2vUX8Nq
http://bit.ly/2wO0Cxw

Places mentioned in this article

Organizations mentioned in this article

0 Votes

You must log in to post a comment

0 Comments