CMS hires PwC to review hospitals' HIPAA compliance

Working with consulting firm PricewaterhouseCoopers, CMS has begun a series of "compliance reviews" of hospitals to see whether they're meeting the standards set by the security rule specified in the administrative-simplification section of HIPAA. To date, CMS has received about 200 complaints about possible violations of this rule. Now, it's asking PwC to review 10 to 20 organizations that face complaints.

While it's understandable that CMS would want to follow up on the complaints, it's not doing so just to make nice--CMS is itself facing an HHS Inspector General's office review as to how it handles HIPAA security enforcement. To date, CMS hasn't been particularly aggressive in investigating HIPAA violations, statistics suggest.

To learn more about the pending reviews:
- read this Modern Healthcare article (reg. req.)

Related Articles:
HIPAA standards move forward. Report
Providers, states still struggle with HIPAA. Report
HIPAA compliance nears adolescence. Report
Over-applying and misapplying HIPAA is common. Report

Suggested Articles

The profit margins and management of Community Health Group raise questions about oversight of managed care insurers.

Financial experts are warning practices about the pitfalls of promoting medical credit cards to their patients.

A proposed rule issued by HHS on Tuesday would expand short-term coverage, a move Seema Verma said will have "virtually no impact" on ACA premiums.