The American Recovery and Reinvestment Act of 2009, Section 13411 of the HITECH Act, requires HHS to provide for periodic audits to ensure covered entities and business associates are complying with the HIPAA Privacy and Security Rules and Breach Notification standards. To implement this mandate, OCR perform audits of covered entities to assess privacy and security compliance. For more information about the program visit http://www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/index.html.
How does HHS enforce HIPAA/HITECH Compliance?
Share this in :