In 2015, OCR conducted 115 audits and found that 96% of those audited were not in compliance with at least one major provision of HIPAA. Furthermore, nearly half of the organizations audited had not completed a risk analysis – which is required by HIPAA.
In what may come as a relief for several healthcare providers, there is still uncertainty about when the next round of HIPAA Audits will start. What you have right now is time to look at your medical practice’s state of digital security and compliance status in line with the Omnibus Rule changes if you have not already done it.
In June 2015, UC Davis Medical Center announced that it had been the victim of a data breach. The incident affected approximately 4 million people, including patients, employees, and contractors. UC Davis is one of the largest healthcare providers in the United States, with over 1,700 hospitals and clinics.
