877.334.8512 |      

EHR and practice management for mental / behavioral health


2016: Year of the HIPAA Audit - Are You Prepared?

PIMSY mental health software HIPAA audits in 2016

by Donna Koger, 10.29.15 

HIPAA 2016: Part 1: What’s On the Horizon?

The Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) issued two reports recently calling for the HHS Office of Civil Rights (OCR) to strengthen its Health Insurance Portability and Accountability Act (HIPAA) enforcement efforts. In response to these reports, HHS announced that it will launch HIPAA audits early next year [2016] in order to be more proactive in HIPAA enforcement.

OCR recently stated in a media report that audits were expected to start in 2016, but in a September 23, 2015 letter, the office more specifically said that audits will start early in the year.

As a result, the FY 2016 Budget for the Office for Civil Rights (OCR) is $43 million, an increase of $4 million over FY 2015. We should all have such an increase in revenue, eh?

Why The Change?

The increase in funds will support OCR’s audit program which was mandated by the HITECH Act to conduct periodic random audits to assess entity compliance with HIPAA.

The audit program will help ensure HIPAA compliance by covered entities and business associates, while also informing OCR on areas to direct its enforcement and technical assistance.

In addition, the increase in funds will support OCR’s continued expansion and improvement of its operations unit, which has significantly improved its efficiency by receiving, recording, triaging, and distributing complaints for evaluation and resolution.

Audit Protocol

To that end, OCR has established a comprehensive audit protocol that contains the requirements to be assessed through audits. A detailed list of OCR protocols when administering audits is available here: http://www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/protocol.html.

The inspector general wrote in a report issued September 22, 2015, “HHS is vowing to launch audits early next year [2016] to gauge compliance with privacy provisions of HIPAA . . . without fully implementing a permanent audit program, OCR cannot identify covered entities that are non-compliant.”

Covered entities to be included in the audits are health care providers, insurers, clearinghouses and business associates. They are all required to disclose suspected breaches of protected health information and audits can examine compliance with various obligations related to the privacy and physical security of PHI.

What Does This Mean For You?

So what does all this government money mean for you? Unfortunately, it means there will be more audits beginning in early in 2016 so be sure you are prepared. For mental health audit tips, see Who’s Afraid of the Big Bad Audit.

Find more complimentary resources in our HIPAA Resource Center

Sources Include


This is the first article in a series with tips & tools to help maintain HIPAA compliance. Related Posts:
Part 2: Into the Breach
Part 3: PHI Identifiers
Part 4: 10 Steps to HIPAA Compliance





Donna Koger is currently the HIPAA Compliance Officer and materials developer for software training and support at Smoky Mountain Information Systems, home of PIMSY EHR. Ms. Koger is also a regular contributor to the PIMSY EHR Blog.

Resources - PIMSY HIPAA

  • Default
  • Title
  • Date
  • Random
load more hold SHIFT key to load all load all

Kudos from Clients

  • Seth H.

    “PIMSY more than pays for itself by streamlining my office, improving efficiency and reducing billing times. I would recommend PIMSY to anyone looking for a good EMR company that will help you implement its program and help you with any questions you have along the way.”

    ~ Seth H., Business Owner

  • Karen B.

    “Love PIMSY! So much quicker to complete notes and easier for everyone working with clients to know current authorizations and track units.”

    ~ Karen B., Therapist

  • Dr. Carmen L.

    “I am extremely appreciative and am so glad I decided to go with PIMSY versus the other options I was considering. I was singing your praises to a colleague of mine today who is feeling overwhelmed with her paper process. I highly recommend all of you.”

    ~ Dr. Carmen L., Program Director

  • Kim T.

    “We are now functioning at a 50% faster recovery rate for money and a 50% lower denial rate. You should really give the PIMSY team time to demonstrate for you personally.”

    ~ Kim T., Business Director

Subscribe To Our Newsletter

Subscribe to the PIMSY newsletter
What topics are you most interested in?