OCR “Raises The Stakes” For HIPAA Compliance in Second Quarter 2016

During the first quarter of 2016, the OCR announced several actions which highlight the need for Covered Entities and Business Associates to prioritize their HIPAA compliance efforts for the second quarter of 2016.  These included the initiation of Phase II of the OCR HIPAA Audit Program; imposition of  significant fines on Covered Entities that failed to implement sufficient compliance policies, maintain a comprehensive risk analysis and execute Business Associate Agreements with key vendors; and the launch of its Cyber-Awareness Initiative to provide guidance regarding security issues, such as  ransomware.  In addition, we are seeing increased enforcement action by states, including New York’s Attorney General.

For more information regarding these new developments, please click here to read our Client Alert.

Whether you are a Business Associate or a Covered Entity, now is the time to consider updating your HIPAA readiness. If you need assistance with these actions, you can contact any member of the HIPAA Compliance Practice Group or the GW attorney you normally speak with regarding these matters.