HHS to conduct compliance reviews
E698613
HHS to conduct compliance reviews refers to the U.S. Department of Health and Human Services’ authority to proactively investigate and assess covered entities’ and business associates’ adherence to HIPAA privacy and security requirements.
Statements (44)
| Predicate | Object |
|---|---|
| instanceOf |
HIPAA enforcement mechanism
ⓘ
regulatory authority action ⓘ |
| aimsToProtect |
individuals’ health information privacy
ⓘ
security of electronic protected health information ⓘ |
| appliesTo |
HIPAA business associates
ⓘ
HIPAA covered entities ⓘ |
| carriedOutBy |
HHS Office for Civil Rights
NERFINISHED
ⓘ
U.S. Department of Health and Human Services NERFINISHED ⓘ |
| focusesOn |
administrative safeguards for electronic protected health information
ⓘ
breach notification practices ⓘ business associate agreements ⓘ physical safeguards for electronic protected health information ⓘ policies and procedures for HIPAA compliance ⓘ risk analysis and risk management processes ⓘ technical safeguards for electronic protected health information ⓘ use and disclosure of protected health information ⓘ workforce training on HIPAA requirements ⓘ |
| geographicScope |
United States of America
ⓘ
surface form:
United States
|
| governedBy | federal health information privacy law ⓘ |
| involves |
evaluation of technical systems and safeguards
ⓘ
interviews with relevant personnel ⓘ review of documentation and records ⓘ |
| legalBasis |
HIPAA Breach Notification Rule
NERFINISHED
ⓘ
HIPAA Privacy Rule NERFINISHED ⓘ HIPAA Security Rule NERFINISHED ⓘ Health Insurance Portability and Accountability Act NERFINISHED ⓘ |
| mayBeInitiated |
in response to indications of systemic noncompliance
ⓘ
in response to patterns of complaints ⓘ proactively by HHS ⓘ |
| mayResultIn |
civil monetary penalties
ⓘ
corrective action plans ⓘ findings of noncompliance ⓘ resolution agreements ⓘ |
| objective |
deter future violations of HIPAA requirements
ⓘ
promote voluntary compliance with HIPAA ⓘ |
| purpose |
assess compliance with HIPAA breach notification requirements
ⓘ
assess compliance with HIPAA privacy requirements ⓘ assess compliance with HIPAA security requirements ⓘ enforce HIPAA protections for protected health information ⓘ identify patterns or practices of noncompliance ⓘ |
| relatedTo |
HIPAA audits
ⓘ
HIPAA compliance investigations ⓘ |
| subjectOf |
HIPAA Privacy Rule enforcement
ⓘ
HIPAA Security Rule enforcement NERFINISHED ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.