HIPAA Self-audit Tools


The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) released an updated audit protocol that health plan sponsors and business associates can use to prepare for Phase 2 of the HIPAA audit program.
The OCR audit protocol is organized around modules, each representing separate elements of privacy, security and breach notification. The protocol identifies approximately 180 areas for potential audit inquiry.
The updated OCR audit protocol identifies “key activities” (HIPAA standards) and provides information on the legal requirements for each standard, as well as potential audit inquiries related to the HIPAA requirements. More information about the audit protocol can be found here.
HIPAA’s Security Risk Assessment (SRA) Tool can also be used to perform and document an organization’s security risk analysis. The SRA Tool can be downloaded here.
Even if your organization is not selected for a Phase 2 audit, it is important to self-audit your business to ensure compliance, since the OCR will likely continue its enforcement efforts after Phase 2 audits are complete.
Are you concerned about HIPAA and how it impacts your organization?  As a health insurance client, AUI can provide you with additional tools to help keep you compliant.  Please contact us today to learn more.

We do more than cover small businesses and individuals with the right insurance policies and benefit plans – what motivates our team is helping you save more so you can invest more in your team, family, and goals.

Recent Articles

Sign Up for Our Newsletter!

Never miss an update from AUI – sign up for our newsletter today for the latest from our team and industry!

This field is for validation purposes and should be left unchanged.

Request a
Personalized Quote

Tell us a little about your insurance needs, then we will contact you for a quick conversation about what you do, what you love, and how we can help!