HIPAA Audits in Full Force for 2016
The Department of Health and Human Services will begin a significant round of HIPAA compliance audits beginning in January 2016 (yes, that is next week). According to Jim Moore, certified HIPAA professional, he expects that 20% of all medical practices in the country will be subject to at least a “desk audit” and any practices that fail the desk audit will be subject to a full-blown audit. A desk audit can be as simple as a phone call or e-mail to a medical practice requesting documented proof of HIPAA-compliant patient privacy practices within 24 hours. If the correct proof of compliance is not delivered within that 24 hours, the practice will have failed the audit. There will be no extensions or exceptions granted for desk audits so if a medical practice is not compliant when they are targeted for a desk audit, they will likely not be able to comply and will be marked for a full-blown HIPAA audit in the near future. Failing a HIPAA audit can cost a medical practice many thousands of dollars, so it is in a practice’s best interest to get in compliance – besides the fact that protecting patient privacy is simply good business practice.
One of my clients in the medical industry shared with me that they were very recently visited by government officials to verify that their practice was in fact physically located at the address the government has on record for them. This is in preparation for the upcoming 2016 audits. The picture in this article is the identification they left behind.
Since 1 in 5 medical practices will be receiving desk audits, it is wise for medical practices to not bury their heads in the sand in the upcoming year. The best course of action is to get up to speed with HIPAA compliance and the quickest way to do that is to hire a HIPAA professional like Jim Moore. It is always better to be prepared ahead of time as “emergency” services are almost always significantly more expensive, so don’t get caught unprepared. The federal government is serious about enforcing compliance in 2016 and time is quickly running out.