HIPAA Audits-Protecting You and Your Patients

Legal requirements in the health care industry are constantly changing. BAS offers HIPAA audits to ensure that your practice is in compliance with the current laws and protect your practice from possible liability under HIPAA.

What are HIPAA audits?

HIPAA and HITECH Act mandate security audits for performance and privacy in medical practices. The goal of these audits is to examine compliance with HIPAA, identify best practices, determine risks and vulnerabilities, and to focus on compliance activities within the practice.

What does a HIPAA audit cover?

HIPAA audit reviews all the applicable HIPAAA policies and procedures you have in place to ensure compliance and recommends changes if necessary. Any equipment that transmits or stores PHI needs to be cataloged as required by HIPAA laws. The audit also examines your practice’s Internet security and data encryption and reviews your Business Associate Agreements.

This includes: (1) computers in the front office and clinical areas, printers, fax machines, scanners, servers, personal digital assistants, firewall equipment and modems; (2) all software including EHR programs, billing and practice management software, Internet browsing, email, and firewalls; (3) network components such as routers, hubs, phone lines, cable lines and wireless systems.

Non-compliance can be costly

OCR is responsible for enforcing the HIPAA Privacy and Security Rules, and may conduct compliance reviews to determine if covered entities are in compliance.

If your practice falls short on HIPAA compliance, you could be fined. Fines range from $100 to $50,000 per violation. The financial impact extends into Medicare and Medicare EHR Incentive Programs. If a healthcare organization attests to being compliant with HIPAA regulations, and an audit by OCR reveals this not be the case, OCR may require the practice to return the government incentive money.

Contact Us

BAS Practice Management
3555 Stanford Road, Suite 105
Fort Collins, CO 80525
Tel: 970-430-4431
Fax: 970-484-2251
Email: click here

Our Services

Medical Billing
Scheduling
HIPAA Audits
Credentialing
Collections
Accounting
EHR