Spring Has Sprung and It’s Brought HIPAA Audits along with It


Thought Leadership

Spring Has Sprung and It’s Brought HIPAA Audits along with It

Zix Staff

If you’re a member of the healthcare community, then you’ve probably seen the news:

The U.S. Office for Civil Rights (OCR) announced that it has rolled out Phase 2 of the Health Insurance Portability and Accountability Act (HIPAA) Audit Program, which will lead to hundreds of reviews of covered entities and their business associates.

So what does this all mean?

Thanks to the adoption of electronic health records, the sheer volume of sensitive patient data that is handled by healthcare organizations and their business associates has exploded. So there is only one thing that can be top of mind: security.

The second phase of the OCR HIPAA audit process will assess the policies and strategies that covered entities and business associates have adopted in an effort to remain HIPAA-compliant. It takes the normal auditing process we saw in Phase 1 back in 2011 and extends it further by bringing in business associates — which is certainly in everyone’s best interest considering that of the 1,472 major healthcare data breaches chronicled on the OCR’s Web site, 21 percent involved a business associate. Those breaches consequently exposed 32.8 million individuals’ records.

Because email serves as a driving force in day-to-day business communications, your staff must have the right solutions and training to protect this vulnerable channel.

If you happen to use a Zix Email Encryption, you’re already ahead of the game when it comes to securing email. Outbound emails are automatically scanned for protected health information (PHI) and other sensitive information, and if a policy is triggered, email is automatically encrypted. Additionally, you have access to the ZixDirectory — a community of 52 million members strong and growing. In the community, you and our 13,500+ customer can exchange secure email transparently without any passwords or extra steps.

Want to learn more about Zix and how you can prepare for an OCR HIPAA audit? Register for our Webinar with David Holtzman, Vice President of Compliance at CynergisTek, and Zix security experts on Wednesday, May 11, at 2 p.m. ET.