Let's wait and see Dana...everything is in a state of flux and ALOT could change in the next year (hopefully for the better)!
8+ Years of damage isn't going to change over night.
CynergisTek, a computing and security consultant, reported on its blog recently that HIPAA compliance audits will be increased this year, thanks to a contract the government signed with PriceWaterhouseCoopers.
I admit that the significance of this went right by me at first. Then I went, “whaah?”
The government’s enforcement process has just been privatized.
Admittedly there is a huge backlog of audits. CynergisTek reports that the government has a list of over 100 active complaints concerning lax HIPAA compliance, which have to be checked out before anyone knocks on your door.
According to iHealthBeat, PWC is going to review 10-20 organizations under the one-year contract, so unless someone has an outstanding complaint against you you’re probably safe.
But the knock will come, CynergisTek promises. Oh, they work in that area and will be glad to hear from you.
Perhaps you think nothing of this. Nothing gets done on law enforcement until the government hires some private firm to do it. The assumption is the private firm will do it efficiently.
But I know how much a good PWC auditor costs, and I know how much the average civil service auditor makes. I guarantee the latter costs less, unless PWC itself is outsourcing this work to India or someplace.
And would it be too much to ask for the public, or at least the industry, to get a gander at that contract? On what basis is PWC being paid? What is their incentive? Is it a fixed price per audit, is it hourly, or is it based on the fines they collect?
The folks at iHealthBeat have another concern. What if PWC has to audit one of its own clients? The government says the company will recuse themselves. Does that mean the audit is then off? Better call PWC, then.
Given the excitement which occurs here whenever I mention the word HIPAA, chances are you have your own questions.
