First few Article Sentences
The Department of Health and Human Services (HHS) recently announced that the Office for Civil Rights (OCR) started Phase 2 of its audits of covered entities and business associates. This initiative is part of OCR’s efforts to assess compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security and Breach Notification Rules. OCR uses the data it obtains during the audit process to examine compliance mechanisms, determine best practices, and discover program risks and vulnerabilities. Phase 1 took place in 2011 and 2012, during which OCR assessed the systems used by 115 covered entities to maintain compliance with HIPAA requirements.