rules & regulations
Brace Yourself for the Next
Round of HIPAA Audits
M
by Laura Lopez Stinson
ore than three years have passed since the Office for Civil
Rights completed the pilot phase of HIPAA compliance
audits. The OCR discovered numerous violations of
HIPAA Rules when it analyzed the first audit results. While
data security standards have improved considerably since 2012,
survey results – and my own experience – indicate that many
North Texas dental practices would fail another HIPAA compliance audit.
I find the results of this new survey somewhat disheartening.
Recently released by Healthcare Information Security Today,
the survey shows that most practices are guilty of the exact same
compliance errors and omissions uncovered during the pilot
phase of OCR audits back in 2012.
The OCR used the 2012 audit results to develop their protocols
26 NORTH TEXAS DENTISTRY | www.northtexasdentistry.com
for Phase Two, with the new round of HIPAA compliance audits
beginning this year. Texas dentists are still struggling to implement the privacy policies and procedures that will be tested this
second time around. I visit practices daily, and I believe most
North Texas dentists will be in for a shock when they’re audited
for HIPAA compliance.
Here’s why: HIST’s survey displayed a high level of privacy confidence. Fully 80% of survey respondents said they were confident or somewhat confident of passing a HIPAA audit.
However, many North Texas practices fail to perform a Risk
Assessment, meaning their level of compliance competence is
open to question.
OCR’s initial compliance audits found many other areas in
which practitioners were failing to comply with the HIPAA