Under the Risk Analysis module of HIPAA Help Center, covered entities can generate an audit report with the click of a button. In the audit module, users can populate the screen with system-generated reports created from data that resides in HIPAA Help Center. In this section, users can review their contingency plans, employee rosters, employee training logs and more. The module also suggests reports that have not yet been generated but may be helpful during an audit.
HIPAA’s burden of proof section requires covered entities to demonstrate that they have complied with the law. Specifically, they must show that no disclosures breached the Privacy Rule, they have adequate safeguards for PHI and ePHI in place and they notified patients if a breach occurred. HIPAA Help Center’s Audit module makes this easy for covered entities, as the application collects all of the evidence in one place. Information is integrated into professional and easy-to-follow documents.
Within these documents, application users will be able to showcase the following:
- Asset inventory.
- Policies and procedures.
- Contingency plan.
- Business associate addendums.
- Employee training log and roster.
- Risk assessment.
- Privacy and disclosure notices.
Frequently asked questions about HIPAA audits:
What will an auditor want to see?
Beyond evidence that covered entities have complied with HIPAA, auditors appreciate seeing that health care providers have gone above and beyond to protect patient privacy. HIPAA Help Center Audit Report module will provide the contingency plan activation and testing log, a data back-up testing log and the inventory of awareness alerts sent from HIPAA Help Center. These all demonstrate that the covered entity has taken measures to determine whether their safeguards for ePHI will hold up against real-life threats.
How does the Audit Report module make readiness easier?
HIPAA Help Center Audit Report module streamlines the preparation process. Once application users click “Generate Audit Report,” they will arrive at a screen that lists a variety of options to include in the report. For example, health care providers can include just the contingency plan and risk assessment in their audit report bundles, or they can integrate every document that exists in the system.
How often should covered entities perform audits?
Health care providers should review their safeguards and procedures on a regular basis through self-audits. In fact, the law requires covered entities to amend these policies as needed. With HIPAA Help Center Audit Report module, routinely checking up on the state of compliance is easy.