Unofficially… OCR hopes to begin the audit process by the end of 2014 or the beginning of 2015. in this second round of HIPAA compliance audits. OCR will look at covered entities and business associates’ risk analysis and risk management (the Security Rule), the content and timeliness of breach notifications (the Breach Notification Rule) and the notice of privacy practices and access rights (the Privacy Rule). The agency will focus on the risk to the data, not the risk to the impacted individual.

Read the article here

“As of Aug. 27, 2014, BAs are responsible for a whopping 58 percent of the records breached, according to OCR data. BAs work on behalf of healthcare organizations in countless ways: quality improvement analysis, patient safety activities, billing and collections, IT services, benefits administration and so on. “

Read the article here ==> Article

InfoTech Innovators in addition to helping Healthcare providers ( covered entities) can also work with business associates to insure their HIPAA Security Risk Assessments have been done, with a gap remediation plan, to help them establish on going risk management.

More than 75 million records have been compromised this year in approximately 568 breaches, according to the most recent breach report by the Identity Theft Resource Center.

“Medical and health care organizations accounted for the majority of breaches, at 43.5 percent. Last year, businesses accounted for 84 percent of breaches. The dramatic switch in targets, or impacted industries, could be indicative of a lack of education or resources in the health care field.”

Read article here ==> http://www.scmagazine.com/568-breaches-compromiseed-75-million-records/article/374282/