The long-overdue HIPAA compliance audit program likely will launch late this year or early in 2012 after up to 20 test audits are completed, says Susan McAndrew, deputy director of the federal agency overseeing the program.
The Department of Health and Human Services recently awarded a $9.2 million contract to the consulting firm KPMG to launch the audit program as mandated by the HITECH Act (See: HIPAA Audit Program Details Emerge). The HHS Office for Civil Rights will work with KPMG to roll out the program in three phases, says McAndrew, OCR’s deputy director for health information privacy.
Consider that in the past two years, of 116 data breaches affecting 1.9 million patient records, more occurred because a mobile device was lost or stolen, according to new statistics released this month by the U.S. Department of Health and Human Services Office for Civil Rights (OCR).
