As the original twitterer ( @NickGenes ) said, “…because there wasn’t enough bureaucracy & expense in healthcare yet”.
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has begun the process of notifying covered entities that they are among the unlucky few who have been selected for the first Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and security audits under the Health Information Technology for Economic and Clinical Health (HITECH) Act. …
While the first twenty covered entities have been selected, approximately another 130 remain in this audit round. HHS has indicated that it hopes to continue with proactive audits in the future and expects to become more aggressive in its enforcement of complaints.
Yes, this is HITECH, the Son of HIPAA, but it all started with HIPAA.
Is it worth pointing out that HIPAA exempted itself from the unfunded mandate and paperwork reduction rules when it was enacted? I pointed out then that their assertion that it wouldn’t cause an increase in paperwork, nor was it an unfunded mandate was really unlikely.
How many Millions of dollars and man-hours are we pouring down these regulatory holes?