With the HIPAA audit
due to start shortly, the OCR would inform the selected covered entity in
writing introducing the audit contractor, explain in detail about the first
document that is needed, describe the process of the audit, the expectations of
the compliance and request for information. The notification would also involve
the stipulated time and the means to return the information of the audit to the
auditor. The requested information should be described as per the prescription
of the audit and returned within 10 working or business days. The covered
entities and business associates selected for the audit by the OCR should
provide all details in accordance with the protocols of the audit.
The covered entities
will be informed 30 and 90 days prior to
on-site visits with
these visits evolving over 3 to 10 working or business days according to the
size of the chosen organization and the time taken by the auditor with regard to
the approachability of information and the concerned personnel. Once the
necessary work is completed by the auditor, the organization or the covered
entity would receive a draft of the final report. The covered entity and
business associates are given 10 days to go through the report and send back a
written report to the auditor who will in turn provide a final report of the
audit written by the covered entity and submit the same to the OCR.
The OCR would review
the reports sent by the auditor so they can ascertain
the efforts made by the covered entity and business associates to comply with
HIPAA Rules. If there are changes to be made, the OCR would then determine the
right course of action with corrective measures, technical aid and other means
of assistance. If there is a crucial issue, the OCR would find ways to address
the problem involved. The privacy of all selected covered entities and business
associates will be protected by the OCR. The benefits of the compliance
with HIPAA protections of health information are many. If there are any
breaches made by the covered entities and business associates in health
information, the OCR will extend help with the necessary tools, improve the
security and confidentiality of patients’ medical records and generate
technical assistance to attain the best practices. Consumers have the right to
complain to the OCR about security breaches and the covered entity is bound to
accept these complaints regarding HIPAA Rules as well as apply the necessary
changes.
For more information, visit http://www.usmedicaltranscriptionservice.com/ or call 1-800-723-4308
No comments:
Post a Comment