In recent months, the Department of Health and Human Services (HHS) and the Office of Civil Rights (OCR) have revved up their efforts in enforcing the Privacy and Security Rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH Act) through plans to conduct audits of covered entities (health care providers, health plans and health care clearinghouses) and business associates (persons or entities that perform certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, covered entities).
In March 2010, HHS contracted with consulting firm Booz Allen Hamilton to conduct a study of various audit methods. This study was completed in August 2010, but the results of the study have yet to be made public. However, on June 9, 2011, HHS awarded a $180,000 contract to Booz Allen Hamilton for “audit candidate identification.” It is expected that Booz Allen Hamilton is engaged to identify a comprehensive list of covered entities and business associates throughout the United States.
Source: International Lawyers Network
