HIPAA covered entities have reported that the HHS Office for Civil Rights recently sent pre-audit screening surveys to a pool of covered entities that may be selected for the previously delayed second phase of HIPAA compliance audits. This On the Subject describes the phase two audit program and identifies steps that covered entities and business associates should take to prepare for these audits.
OCR Launches Phase 2 HIPAA Audit Program with Pre-Audit Screening Surveys
Tags: covered entities and business associates, Health Information Technology for Economic and Clinical Health Act, Health Insurance Portability and Accountability Act of 1996, HIPAA, HIPAA Privacy, HITECH Act, OCR, Phase 2 HIPAA Audits, PHI, pre-audit screening, protected health information, Security and Breach Notification Standards, U.S. Department of Health and Human Services’ Office for Civil Rights
Edward G. ZachariasEdward G. Zacharias is the managing partner of McDermott’s Boston office. Clients across the healthcare industry and beyond turn to him for practical, business-oriented counsel on their most significant privacy and cybersecurity compliance, healthcare regulatory and transactional matters. Ed’s clients include “Big Tech” companies, health information technology and digital health companies, healthcare providers, insurers, electronic health record platforms, pharmacies, drug and device manufacturers, life sciences companies and health services vendors. Read Edward Zacharias' full bio.
Daniel F. GottliebDaniel F. Gottlieb counsels a wide range of health care industry clients, including health care providers, health plans, health information technology (IT) vendors and life sciences companies. He represents these entities on health IT acquisitions, privacy and data protection, reimbursement, fraud and abuse, and other health care regulatory and transactional matters. Daniel is a co-leader of the Firm’s Global Privacy and Cybersecurity Practice. Read Daniel Gottlieb's full bio.
Ryan S. HigginsRyan S. Higgins focuses his practice on representing hospitals, health systems, private equity firms and platform companies, and other health care organizations in corporate and transactional matters, including mergers, acquisitions, joint ventures and management arrangements. He also devotes a significant portion of his practice to representing health care organizations in matters involving health information privacy and security and Health Insurance Portability and Accountability Act (HIPAA) compliance. Ryan serves on the Chicago's office Pro Bono Committee and is heavily involved in pro bono matters. Read Ryan Higgins' full bio.
Related Posts
- Phase 2 HIPAA Audits Are Underway
- OCR to Begin Phase 2 of HIPAA Audit Program
- OCR Update on Tracking Technologies Provides Little Relief for HIPAA-Regulated Entities
- HHS Issues Guidance on Requirements Under HIPAA for Online Tracking Technologies, Addressing Privacy and Security Concerns Related to Health Information
- 7 Tips to Avoid Compliance Missteps During Open Enrollment
BLOG EDITORS
STAY CONNECTED
TOPICS
ARCHIVES
RECENT POSTS
- Trending in Telehealth: March 2025
- Senate Committee Advances Bills to Tackle High Drug Prices, Enhance Market Competition
- Governing Health Podcast | 2025 Executive Compensation Committee: Key Priorities and Strategic Insights
- The Employee Retention Credit: How to Litigate and Resolve Claims
- Navigating the Shifting Fiduciary Landscape
