Information contained in this publication is intended for informational purposes only and does not constitute legal advice or opinion, nor is it a substitute for the professional judgment of an attorney.
The HITECH Act, enacted as part of the American Recovery and Reinvestment Act of 2009, requires the United States Department of Health and Human Services ("HHS") to perform periodic audits of covered entities and business associates to ensure compliance with the privacy and security rules under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). Starting in November 2011, the HHS’s Office of Civil Rights ("OCR") will begin a pilot audit program, which includes auditing up to 150 covered entities. All covered entities may be subject to an audit, and OCR has stated that it intends to audit a wide range of covered entities, including healthcare providers and health plans of all sizes, during the pilot program. To learn more about the pilot program and its implications for employers, please continue reading at Littler's Employee Benefits Counsel.