HIPAA Audit Update: Susan McAndrew

May 12, 2010.
HIPAA Audit Update: Susan McAndrew
Read Transcript

Federal HIPAA privacy and security rule compliance audits of healthcare organizations and their business associates likely will start later this year, says Susan McAndrew, deputy director for privacy in the HHS Office for Civil Rights.In an exclusive interview, McAndrew says the timing of the start of the HITECH Act's mandated audit program "will really depend on the ultimate selection of what model we use" and how fast that model can be implemented.

McAndrew also said:

  • The audits likely will be outsourced and not conducted by OCR staff.
  • Security audits will check that organizations have completed a risk assessment and implemented appropriate administrative, technical and physical safeguards.
  • Audits for compliance with the privacy rule will focus on organizations' efforts to uphold individuals' rights, such as their right to access their own medical records.

McAndrew made her comments in an interview at the conference: "Safeguarding Health Information: Building Assurance through HIPAA Security," sponsored by OCR and National Institute of Standards and Technology.

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Health InfoSec Survey Deadline Jan. 5

Jan. 5 is the deadline for participation in the fourth annual Healthcare Information Security Today...

Latest Tweets and Mentions

ARTICLE Health InfoSec Survey Deadline Jan. 5

Jan. 5 is the deadline for participation in the fourth annual Healthcare Information Security Today...

The ISMG Network