At a recent HIPAA Security Rule conference, Linda
Sanchez with the Office of Civil Rights (OCR) advised that the results of the first 20 OCR/KPMG pilot audits found security compliance was in worse shape than privacy
compliance. In fact, security gaps or
security breach issues constituted 74% of the findings while privacy violations accounted for 26%.
As a reminder, significant funding has been
appropriated for the purpose of continuing to audit health care privacy practices. And I know that there has been Federal interest in ramping up compliance investigations in the Las Vegas area. So health care practitioners should be preparing for continued or increased oversight and investigation of their HIPAA practices by HHS.
