News & Events

Related News

Data backup format called into question
Read more

Backing up for the IRS
Read more

Companies smarten up to internal data audits
Read more

Data compliance struggles continue for IRS
Read more

Researchers trace majority of data breaches back to employees
Read more

Staying ahead of HIPAA compliance audits
Read more

Data compliance audit catches vulnerability in Maryland Medicaid program
Read more

Massachusetts tackles data compliance confusion
Read more

Data audits can reveal business insights
Read more

Avoiding PCI Compliance Pitfalls
Read more

Research underscores need for integrated data management systems
Read more

Survey shows health organizations ill-prepared for data audits
Read more

Ensuring compliance with Sarbanes-Oxley standards
Read more

Encouraging data compliance with revised regulations
Read more

Healthcare sector shifts focus to data compliance
Read more

Data compliance concerns limit cloud use among law firms
Read more

Security, control issues persist in the cloud
Read more

IT outsourcing may introduce compliance issues
Read more

Facebook could be subject to data audit
Read more

Conference findings reveal changing role of compliance officers
Read more

Access governance key to corporate data security, compliance
Read more

Preparing for PCI Compliance
Read more

IT consumerization necessitates new approach to data backup
Read more

Companies experiencing compliance difficulties in the cloud, report says
Read more

Data breach awareness changing compliance practices
Read more

UK Information Commissioner seeks additional data audit powers
Read more

Report: IT leaders realizing importance of data compliance
Read more

Report: Companies facing PCI compliance challenges
Read more

Understanding the PCI compliance audit process
Read more

Study: Insurance firms not prepared for Solvency II compliance
Read more

Healthcare compliance pros worried about data breaches
Read more

Businesses lax about risk data management, study finds
Read more

SEC stepping up surprise compliance exams
Read more

Nonprofits to address data management issues for financial industry
Read more

Effective data management can translate to reduced travel costs
Read more

Merchants failing to encrypt payment information
Read more

Study: Compliance spending to rise in 2011
Read more

Compliance teams expect increased supervision from regulators, study finds
Read more

In settlement, FTC requires credit report resellers to submit to compliance audits
Read more

Report: IT spending up among financial services institutions
Read more

Internal audits strengthen data compliance practices, study finds
Read more

Here's what our customers
are saying:

"B&L produces products that are very good at what they do. Vertices is the perfect example. It makes dealing with our backup tapes easy."

Read more
Register for one of our exclusive WebEx seminars and experience our legacy products in real-time with a B&L representative there to answer all your questions.
 

Data and Compliancy Audit News

Staying ahead of HIPAA compliance audits

February 14, 2012

Last November, the Department of Health and Human Services announced that it would be collaborating with specialists from KPMG Consulting to conduct up to 150 random Health Insurance Portability and Accountability Act data audits by the end of 2012. As the initiative enters full swing, health IT practitioners are anxiously preparing for a potential visit from regulators.

"In a time when fines from HIPAA noncompliance surpass the million dollar mark, covered organizations should take action now to evaluate HIPAA compliance and mitigate potential liability," Poyner Spruill attorneys Kelsey Mayo and Elizabeth Johnson explained in a recent bulletin.

According to the legal analysts, documentation should be the first priority for media management teams at audit-eligible organizations. This includes updating all policies relating to HIPAA privacy, breach notification and security standards - and having these materials "regulator-ready." If and when an organization is audited, they are only given 10 business days to respond with the appropriate documentation.

Additionally, all internal and external collaborators must be on the same page. Mayo and Johnson suggest that it may be wise to offer a "refresher" for employees that are uncertain of their HIPAA expertise so that they have a clear understanding of their roles and responsibilities. It is also crucial to assess the compliance of all business associates. HIPAA guidelines follow patient information throughout its journey between systems and organizations, and any weak links must be addressed.

Finally, offices preparing for a visit from regulators should be aware of the criteria and structure of data audits.

"[Audit procedure] will consist of interview with leadership and key personnel, an inspection of operations with respect to privacy and security and an assessment of compliance with HIPAA privacy and security regulations and the organization's HIPAA policies," Thompson Coburn partners noted in a related client advisory.

Although data audits can be intimidating, it is important to remember that regulators are motivated to provide constructive criticism, as opposed to harsh judgment. As such, establishing a cooperative and productive business relationship will be essential to improve operations in the future.