Health and Human Services, Office of Civil Rights (“OCR”) is responsible for enforcing violations of civil rights laws and Health Insurance Portability and Accountability Act (“HIPAA”) Privacy and Confidentiality Rules.
HIPAA Privacy and Security
- Individual Access Rights – Individuals may request protected health information (“PHI”) maintained by a covered entity. A covered entity may charge a fee for copies of PHI under limited circumstances.
HIPAA Audits – Privacy, Security, and Breach Notification
The OCR conducts on-site and desk audits to determine a covered entity’s compliance with HIPAA. In 2011 and 2012 (Audit Phase I), OCR implemented a pilot audit program to review 115 covered entities to determine compliance with HIPAA. In 2016, OCR launched Audit Phase II, selecting a number of covered entities and providing notification via e-mail. In 2017, OCR continue the Audit Phase II review by selecting business associates.
ACA Section 1557 – Discrimination based on sex, race, color, or national origin
The information contained on this site is for educational purposes only. USI does not provide legal or tax advice. For advice specific to your situation, please consult an attorney or other professional.
© 2017 USI Insurance Services LLC, All Rights Reserved.