OCR: Healthcare HIPAA Compliance Report Finds PHI Security Failures
Health IT Security
The Department of Health and Human Services Office for Civil Rights released an audit report on HIPAA compliance in the sector from 2016 to 2017 based on reviews of selected healthcare covered entities and business associates, which revealed several protected health information security failures.
Under HITECH, HHS is required to periodically conduct audits on industry compliance with the HIPAA rules. For its latest report, OCR conducted reviews of 166 covered entities and 41 business associates, which have been notified of the agency’s findings.
“The audits gave OCR an opportunity to...