HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases



  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation


Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos



What you might not know about OCR HIPAA audits

Email This Post Print This Post

Elizabeth H. Johnson, Esq., has been keeping an ear close to the ground with respect to ongoing OCR HIPAA audits.

Healthcare organizations might be surprised by what auditors are requesting and focusing on, says ­Johnson, a partner at Poyner Spruill, LLP, a North Carolina law firm.
Johnson, whose practice in Raleigh focuses on privacy, information security, and records management law, listens closely to what those in the know are saying about the audit process. Her work with the KPMG audit team on a recent project offered ­additional insight into the process. KPMG is the company hired by OCR to ­conduct the HIPAA audits required by the HITECH Act.
KPMG has completed 20 initial trial audits and expects to conduct at least 95 more audits aimed at ­measuring HIPAA compliance at randomly selected healthcare organizations by the end of 2012. In a second wave of audits since the initial trial, HHS has sent another 25 ­notification letters to healthcare organizations.
Read more in the July issue of Briefings on HIPAA.


  1. What will oddballs like me do? I started building my own white boxen long ago (the first one was a 486, which ran DOSand also full 32bit System 5 Unix, before there ever was a Linux.) I haven’t bought a brand name PC since then. But my preferred form factor is a case that has room enough not only for whatever components I want to cram in there but also my head, shoulder, most of an arm, an automotive work light on a cable, and a power screwdriver. Oh, and my lunch, careful with that beer.) So I’ve never built a laptop, let alone a tablet; the form factor limitations and internal space restrictions are just too hard to deal with. But I’m not about to give up hardware hacking, especially not now that folks who buy em off the rack are about to have the bootup process, and hence the whole device, p0wn3d by various vendors and/or government agencies. I expect homebuilt white boxen will be the last to go down that road. So the answer to my own question is, probably not much different from what we’re doing now. Whatever I’m building in five years, it certainly won’t be Windows-based and doesn’t have to be Intel-based. Maybe something like the Raspberry Pi. Perhaps we’re in for a replay of the time when the internet was text only and nobody even had computers at home except a few oddball nerds. One can hope, anyway. I was somewhat dismayed when that horde of AOL n0obs showed up on usenet. If the FB generation decides to disappear into somebody’s walled garden I won’t mourn. Che sera.

Leave a Reply