The Health and Human Services Department (HHS) has awarded consultant KPMG a $9 million contract to help the Office of Civil Rights create an audit program to verify that healthcare providers, health plans and their business associates adhere to HIPAA privacy and security standards.
The vendor will also visit and audit up to 150 of these covered organizations by the end of 2012 to make sure they have consistently put their privacy and security policies into practice.
Dr. Farzad Mostashari, the national health IT coordinator, announced the vendor award online July 6, citing its importance. Assuring the privacy and security of patients’ information is crucial to advancing health information exchange, he has said.
The HITECH Act strengthened the Health Insurance Portability and Accountability Act. The Office of Civil Rights oversees health privacy information issues and HIPAA enforcement.
As part of the audits, KPMG will interview senior officers, such as the CIO, privacy officer and legal counsel; examine the physical features and operations; and observe if the organization follows HIPAA requirements
The vendor will also report on the site visits, best practices noted, negative findings and recommendations, according to a description of the award in Federal Business Opportunities.