Governmental Agency Defense

  • Overview
  • Attorneys
  • News
  • Publications
October 1, 2015

Earlier this year, the U.S. Department of Health and Human Services Office of Civil Rights (OCR) announced that it would be conducting “Phase 2 Audits” of covered entities and business associates for compliance with the privacy and security rules under the Health Insurance Portability and Accountability Act (HIPAA”). These audits will focus, in part, on a covered entity’s or business associate’s security risk assessments, mitigation plans, breach notification procedures, encryption and training and the necessary privacy and security policies and procedures. The OCR expects that these Phase 2 Audits will commence in the fourth quarter of 2015 and into 2016. For additional information, please read our client alert.

Client Alert
February 6, 2015