The Department of Health & Human Services (HHS) Office of Civil Rights (OCR) wants to ask the 115 health plans, health care clearinghouses, and health care providers (covered entities) that OCR audited in 2012 for compliance with Privacy and Security Rules of the Health Insurance Portability & Accountability Act (HIPAA)  under its HIPAA Audit Program to share feedback about their experience.  The planned survey announcement follows OCR’s recent released of restated HIPAA Privacy & Security Rules scheduled to take effect in September, 2013 and as OCR continues and expanding its HIPAA Audit Program in 2013.  All together, the signs are clear that covered entities should update and strengthen their HIPAA compliance and risk management practices to withstand the tightened rules and enforcement.

OCR initiated the HIPAA Audit Program in 2012 to comply with Section 13411 of the Health Information Technology for Economic and Clinical Health Act’s requirement that it audit covered entity and business associate compliance with the HIPAA privacy, security, and breach notification rules.  While it continues its HIPAA Audit Program in 2013, OCR also is evaluating the effectiveness of the HIPAA Audit Program audits in 2012. 

To this end, OCR currently is conducting a review of the HIPAA Audit program to determine its efficacy in assessing the HIPAA compliance efforts of covered entities.  As part of that review, OCR plans to ask covered entities audited under the HIPAA Audit Program in 2012 to complete an online survey about their experience.  In anticipation of its conduct of the proposed surveys, OCR is inviting public comment on the burden to Covered Entities to complete the planned online survey, which OCR estimates will take two hours to complete through May 20, 2013.  According to OCR, the survey will gather information on the effect of the audits on the audited entities and the entities’ opinions about the audit process. The online survey will be used to:

• Measure the effect of the HIPAA Audit program on covered entities;
• Gauge their attitudes towards the audit overall and in regards to major audit program features, such as the document request, communications received, the on-site visit, the audit report findings and recommendations;
• Obtain estimates of costs incurred by covered entities, in time and money, spent responding to audit-related requests;
• Seek feedback on the effect of the HIPAA Audit program on the day-to-day business operations; and
• Assess whether improvements in HIPAA compliance were achieved as a result of the Audit program.

OCR says it will use the information, opinions, and comments collected using the online survey to produce recommendations for improving the HIPAA Audit program.

For instructions to comment or more details, see here.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here. 

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information about this communication click here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

• Par Pharmaceutical Pays $45 Million For Illegal Off-Label Marketing Of Megace ES
• Corpus Christi Radiology Group & Clinic $2.3 Million To Settle Health Care Fraud Charges
• Houston Ambulance Service Owner Convicted Of Health Care Fraud Faces Up To 70 Years
• Genesis Healthcare Disability HHS OCR Discrimination Settlement Reminder To Use Interpreters, Other Needed Accommodations For Disabled
• OSHA Safety Violations At Veterans’ Medical Center Reminder To Manage OSHA Compliance
• Federal Health Care Fraud & Abuse Recovery of $4.2 Billion In FY 2012 Shows Enforcement Risks Growing
• OCR, FTC Enforcement & Guidance Signals Need To Tighten Mobile Device & Application Security
• Unfair Labor Practice Settlements Reminds Hospitals To Handle Union Activities Carefully
• New Children’s Electronic Health Record Format Shared
• Justice Department Disability Discrimination With Pain Clinic Shows Provider ADA Exposures
• 7 Arrested, Charged In Detroit-Area Home Health Care Fraud Takedown
• OCR’s Long-Anticipated Omnibus HIPAA Privacy, Security, Breach Notification & Enforcement Rule Tightens Privacy Requirements, Require Action
• OCR Gives Providers Guidance On HIPAA Safety Disclosures
• Justice Department Settles FACE Act Lawsuit Against Abortion Protester
• ONC-Authorized Certification Bodies & Accredited Testing Labs Scope Expansion for 2014 Edition Testing & Certification
• OCR Pops Idaho Hospice In 1st HIPAA Breach Settlement Affecting < 500 Patients
• Medical Device Excise Tax Rules Supplemented
• Updated 2013 ACA Prescription Drug Fee Calculation & Payment Rules Released; 12/18 Deadline To File Form 8947
• Hospitals Urged To Tighten Inpatient & Outpatient Admission Records As OIG Audits Hospitals for New vs. Established Patients,
• OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. 

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.   ©2013 Cynthia Marcotte Stamer, P.C.  Non-exclusive license to republish granted to Solutions Law Press.  All other rights reserved.

OCR initiated the HIPAA Audit Program in 2012 to comply with Section 13411 of the Health Information Technology for Economic and Clinical Health Act’s requirement that it audit covered entity and business associate compliance with the HIPAA privacy, security, and breach notification rules.  While it continues its HIPAA Audit Program in 2013, OCR also is evaluating the effectiveness of the HIPAA Audit Program audits in 2012. 

To this end, OCR currently is conducting a review of the HIPAA Audit program to determine its efficacy in assessing the HIPAA compliance efforts of covered entities.  As part of that review, OCR plans to ask covered entities audited under the HIPAA Audit Program in 2012 to complete an online survey about their experience.  In anticipation of its conduct of the proposed surveys, OCR is inviting public comment on the burden to Covered Entities to complete the planned online survey, which OCR estimates will take two hours to complete through May 20, 2013.  According to OCR, the survey will gather information on the effect of the audits on the audited entities and the entities’ opinions about the audit process. The online survey will be used to:

• Measure the effect of the HIPAA Audit program on covered entities;
• Gauge their attitudes towards the audit overall and in regards to major audit program features, such as the document request, communications received, the on-site visit, the auditreport findings and recommendations;
• Obtain estimates of costs incurred by covered entities, in time and money, spent responding to audit-related requests;
• Seek feedback on the effect of the HIPAA Audit program on the day-to-day business operations; and
• Assess whether improvements in HIPAA compliance were achieved as a result of the Audit program.

OCR says it will use the information, opinions, and comments collected using the online survey to produce recommendations for improving the HIPAA Audit program.

For instructions to comment or more details, see here.

For Help or More Information

If you need help reviewing and updating, administering or defending your group health insurance,  employee benefit, human resources, insurance, health care matters or related documents or practices to respond to emerging health plan regulations, monitoring or commenting on these rules, defending your health plan or its administration, or other health or employee benefit, human resources or risk management concerns, please contact the author of this update, Cynthia Marcotte Stamer.

A Fellow in the American College of Employee Benefit Council, immediate past Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Group and current Co-Chair of its Welfare Benefit Committee, Vice-Chair of the ABA TIPS Employee Benefits Committee, a council member of the ABA Joint Committee on Employee Benefits, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer is recognized, internationally, nationally and locally for her more than 24 years of work, advocacy, education and publications on cutting edge health and managed care, employee benefit, human resources and related workforce, insurance and financial services, and health care matters. 

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experienced with these and other employment, employee benefit and compensation matters, Ms. Stamer continuously advises and assists employers, employee benefit plans, their sponsoring employers, fiduciaries, insurers, administrators, service providers, insurers and others to monitor and respond to evolving legal and operational requirements and to design, administer, document and defend medical and other welfare benefit, qualified and non-qualified deferred compensation and retirement, severance and other employee benefit, compensation, and human resources, management and other programs and practices tailored to the client’s human resources, employee benefits or other management goals.  A primary drafter of the Bolivian Social Security pension privatization law, Ms. Stamer also works extensively with management, service provider and other clients to monitor legislative and regulatory developments and to deal with Congressional and state legislators, regulators, and enforcement officials on regulatory, investigatory or enforcement concerns. 

Recognized in Who’s Who In American Professionals and both an American Bar Association (ABA) and a State Bar of Texas Fellow, Ms. Stamer serves on the Editorial Advisory Board of Employee Benefits News, the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications, and active in a multitude of other employee benefits, human resources and other professional and civic organizations.   She also is a widely published author and highly regarded speaker on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, Modern and many other national and local publications.   You can learn more about Ms. Stamer and her experience, review some of her other training, speaking, publications and other resources, and register to receive future updates about developments on these and other concerns from Ms. Stamer here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested in exploring other Solutions Law Press, Inc. ™ tools, products, training and other resources here.

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles published in this electronic Solutions Law publications available for review here including:

• Businesses Urged To Strengthen Their Worker Classification Defenses As IRS, Other Agencies Step Up Audits & Enforcement
• Alert Employees Claiming Qualified Adoption Expenses and Education Credits About Changed IRS Procedures
• 13 Employer Tips For Coping With Health Care Reform Now!
• Sequester Will Cut ACA Small Businesses Health Care Tax Credits
• Premier Insurance Services Pays $120,000 In Back Wages, Damages, Penalties Because Commission-Only Comp Violated Minimum Wage, Overtime Laws
• OSHA Citation Of Michigan VA Reminder To Manage Workplace Safety
• Labor Department Targeting Businesses Violating Overtime, Other Wage & Hour Laws
• Wal-Mart Settlement Shows ADA Risks When Considering Employee Return To Work Accommodation Requests & Inquiries
• HHS Releases Final Rule on Health Insurance Market, Rate Review, Pre-Existing Conditions & Other ACA Market Reform Rules
• FTC, HIPAA Rules Require Health Plans & Employers Strengthen Data Security on Mobile Devices and Applications
• 3/13 JCEB Teleconference Explores Foreign Transferees: Outbound, Inbound, Equity And Treaty Issues
• Stamer Talks on “What the Wind Blew In: Coping with Health Care Reform: 2013 and Beyond” May 2 At 24th Annual RPTE Spring Symposia In Washington, D.C.
• IRS Will Begin Accepting Returns Claiming Education Credits By Mid-February
• IRS Shares Procedures Employers Use To Claim Increased Monthly Transit Benefit Exclusion Allowed By Administrative Taxpayer Relief Act
• Employers ACA Health Reforms Prohibit Using HRAs To Pay Individual Medical Policy Premiums & Impact Other HRA Arrangements
• ADA May Require Food Allergy Accommodation By Employers, Schools & Businesses
• Employer Deadline To Give ACA Notice of Exchange Coverage Options Delayed
• Texas Champion Bank Settlement of Charges of Illegal Lending Discrimination Reminder To Business To Tighten Business Practices
• Food Allergies May Be Disabilities Requiring Accommodation Under The ADA
• 2013 Tax Code Inflation Adjustments Announced
• Drop In Company Stock Value Held By Benefit Plans Puts Plans, Company, Management & Fiduciaries At Risk
• OCR Publishes Long-Anticipated Omnibus Restatement of HIPAA Privacy, Security, Breach Notification & Enforcement Rules
• OCR Gives HIPAA Guidance On Safety Disclosures
• IRS Offers New Simplified Option For Businesses Claiming Home Office Deductions For Home-Based Business Owners & Workers
• IRS Announces Cost of Living & American Taxpayer Relief Act Income Tax Adjustments
• Tax-Related ID Theft Growing Problem For IRS, Taxpayers
• Tax Saver’s Credit Helps Low & Moderate Income Workers Save For Retirement; Possible Tool To Help Boost Their Participation In Employer Plans
• Self-Insured Health Plan Sponsors, Health Insurers Brace To Pay New ACA-Imposed Fees
• 1st OCR Small HIPAA Breach Settlement Shows Plans, Other Covered Entities At Risk From Small Breach Reports Too
• Labor Department Targeting Businesses Violating Overtime, Other Wage & Hour Laws
• Company President, Officer Can’t Use Bankruptcy To Avoid Liability For Using Plan Money For Company Operations
• Peter Madoff 10 Sentence For Defrauding ERISA Plans Reminder Manage Plan Investment Responsibilities
• $1.25M NLRB Backpay Order Highlights Risks of Mismanaging Union Risks In Health Care & Others M&A Deals
• As EEOC Steps Up ADA Accommodation Enforcement, New DOD Apple App, Other Resources Released
• $1.5 M HIPAA Security Breach Resolution Agreement Shows Looming HIPAA Risks
• ARRA, Other Government Contractors Face Growing Enforcement & Audit Risks
• Disability Exposures Big US Business Risk; New DOD App Helps ID Resources
• Obama Administration Continues War On Management Despite NLRB’s Temporary Setback In Suit Against Arizona Secret Ballot Law
• Companies, Officers, Directors, Fiduciaries & Vendors Urged To Confirm ERISA Credentials & Bonding For Internal Staff, Plan Fiduciaries, Vendors Dealing With Benefits
• Labor Risks Rising For Employers Despite NLRB Loss Of Arizona Secret Ballot Challenge
• USI Advisors Will Pay $1.27 Million To Settle Charges It Violated ERISA Fee Disclosure Requirements
• Wal-Mart Settlement Shows ADA Risks When Considering Employee Return To Work Accommodation Requests & Inquiries
• Employer Pays $475,000 To Settle ADA Discrimination Lawsuit Challenging Medical Fitness Testing For EMTs, Firefighters & Other Public Safety Worker’s
• Employers & Plan Fiduciaries Reminded To Confirm Credentials & Bonding For Internal Staff, Plan Fiduciaries & Vendors Dealing With Benefits
• EBSA Updates Guidance On Fee Disclosure Requirements For 401(k) Plan Brokerage Window Arrangements
• Federal Mandate That Employer Health Plans Must Cover 100% Of Contraceptive, Other Women’s Health Services With No Cost Sharing Now Effective
• Use NIH & Other Free Government Resources To Help Round Out Wellness Programs

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail by creating or updating your profile at here.

For important information about this communication click here. THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS.  ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

©2013 Cynthia Marcotte Stamer, P.C.  Non-Exclusive License To Republish Granted To Solutions Law Press, Inc.  All Other Rights Reserved.

This entry was posted on Sunday, March 10th, 2013 at 8:46 PM and is filed under Employee Benefits, Employers, Employment Tax, Health Plans, HIPAA, Human Resources, Immigration, Insurance, Internal Controls, Payroll Tax. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.