A Look into 2017: New Administration and OCR Audits

We are 9 days out from swearing in a new President. How will the administration change impact HIPAA in 2017? Most industry insiders struggle to forecast what President-elect Donald Trump will do upon taking office being that his position on health information privacy and security is not well known.

A New Direction of the Department of Health and Human Services (HHS)Print

The President-elect’s pick for the next Department of Health and Human Services secretary, is a physician named Tom Price. As a member of the House of Representatives, Dr. Price has a history of supporting the development of emerging health information technologies. A critic of “burdensome regulations on healthcare providers,” he sponsored legislation to reduce reporting requirements for providers participating in HITECH Act’s Meaningful Use electronic health record incentive payment program.

Additionally, Dr. Price is a staunch critic of the Affordable Care Act and has a legislation record including proposals to amend current HIPAA Privacy Rule restriction on health insurers providing employers who sponsor employee benefit programs with information about employee and family health insurance claims and treatment records.

Given his past history, it is not unsafe to say that Dr. Price may take the department down a different road in the coming years.

HHS Office for Civil Rights (OCR) Audit Protocol

After the “audit boom” of 2016 and seemingly continuous big healthcare data breaches, OCR sure was busy last year.HIPAA-AUDIT-2016

So, what can we expect going forward? All indicators point to more of the same. Many speculate that OCR will sustain the ongoing HIPAA audits as part of the Phase 2 Audit Protocol but at a slower pace than last year. With nearly 1,800 breaches on the OCR “wall of shame” the need for close monitoring of protected health information continues to grow.

At the end of 2016, OCR had more than 200 desk audits underway, shining a spotlight on covered entities (CE’s) and business associates (BA’s) alike. The audits took an in-depth look at the policies and procedures of each organization in respect to complying with the HIPAA Privacy, Security and Breach Notification Rules. It is clear the HIPAA audit program is here to stay however time will tell if the aggressive nature of the Phase 2 Audits will continue.

In terms of leadership within OCR, we will soon see a change. Current Director, Jocelyn Samuels will be stepping down before or around the time the President-elect takes office. At this point it is not known who will replace her as the standing Director and when that individual will be announced.

Speak Your Mind

*