CMS has started audits on organizations that have attested to HITECH Meaningful Use and have received
funds. They plan is to audit 5 % percent of the people who have attested for HITECH Meaningful Use core measure 15 and received funding. Although
the initial audit is a “Desk Audit” done electronically where a third party company
will be requesting electronic documentation on your attestation, your lack of
documentation or performance could lead to them reporting you to HHS as a HIPAA
Violator. If you are found to be negligent you could face fraud
enforcement charges if your documentation does not meet the guidelines.
Some sites have been already moved to this process while others have appealed.
These audits involve the HIPAA Risk Assessment and EHR compliance. So the question
to yourself should be, have you completed a HIPAA Security Risk Assessment (Audit and Remediation) and do you
have the ability to regurgitate that information to auditors in the event you
are audited or accessed that would include the Gap and Remediation plans, and
possibly your HIPAA policy and procedures.
If
not prepare be prepared for lawyers, fines and possibly and fraud
investigation.
.jpg)
.jpg)
.jpg)
.jpg)