The Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), is responsible for enforcing the HIPAA Privacy and Security Rules. Although OCR has been enforcing HIPAA’s rules since 2003, the Health Information Technology for Economic and Clinical Health (HITECH) Act, which was enacted as part of the American Recovery and Reinvestment Act of 2009, significantly enhanced OCR’s enforcement authority.
Given this enhanced authority, there has been increased enforcement of the HIPAA Privacy and Security Rules recently with some costly outcomes for covered entities. OCR enforces the Privacy and Security Rules by investigating complaints that individuals file with it, conducting compliance reviews of covered entities and performing education and outreach to encourage compliance. OCR also works with the Department of Justice (DOJ) regarding possible criminal violations of HIPAA.
In addition, OCR has indicated that it may implement a permanent HIPAA audit program in the future.
We Make it Easy
Let us take the stress out of managing employee benefits.
Schedule a Call
We’ll ask a few questions, review your current benefits and determine your goals.
Let us Do the Leg Work
Based on your needs and budget, we’ll research all available options and help you select the right plan for your employees and your business.
Bask in the Glory
When you’re confident due diligence has been done, and you’ve selected the right plan it’s time to sit back and relax - or get to everything else on your list.