Episode 406: Key Takeaways from the HIPAA Regulators Annual Reports
we summarize what group practice owners should know about the Office of Civil Rights Annual Reports to Congress and explain how understanding them can inform risk management.
We discuss the compliance report from the Office of Civil Rights (OCR); how complaints filed were resolved; compliance reviews vs. audits; reframing the (very common) fear of HIPAA complaints; the unsecured PHI report from the OCR; risk management for avoiding large breaches; the importance of reporting breaches; and the primary sources of breaches and ways to minimize them.