OCR Publishes Compliance Audit Protocols
HEALTHCARE PRIVACY—U.S.June 28, 2012
GovInfoSecurity reports the Department of Health and Human Services' Office for Civil Rights (OCR) has released the official protocol for ongoing HIPAA-compliance audits. The protocol offers a detailed breakdown of audit procedures, the report states, and will be used by KPMG to conduct the OCR's audits. It includes 77 areas of evaluation for the HIPAA Security Rule and 88 for the Privacy and Breach Notification Rule. The OCR has said KPMG will conduct 115 compliance audits this year. The first 20 were recently completed.