HIPAA Audits On the Way—Are You Ready? Part 1

What We Learned from the Last Round of HIPAA Audits

Between 2016 and 2017, in its most recent round of compliance audits, OCR reviewed a little over 200 covered entities and business associates through remote audits. A December 2020 report followed, revealing the shortcomings of covered entities and business associates chosen for reviews. During Part 1 of our series, two former OCR officials who are part of Clearwater’s Privacy and Compliance Services team will review the shortcomings spotlighted in the report, many of which are still common today, including the failure to conduct a security risk analysis and to give patients access to their records.

Our team will also provide an overview of OCR’s requirement to perform audits and the audit process and review the privacy, security, and breach specifications audited.

Presentation Materials


Andrew Mahler, JD, CIPP/US, CHC, CHPC, CHRC
Vice President, Privacy and Compliance Services
Omenka Nwachukwu, Esq.
Omenka Nwachukwu, JD
Principal Consultant, Privacy and
Compliance Services

Related Blogs

With Us