On TV.com: The Shocking HEROES Death, Revealed
BNET Business Network:
BNET
TechRepublic
ZDNet

January 10th, 2008

Should HIPAA compliance be outsourced?

Posted by Dana Blankenhorn @ 9:59 am

Categories: Consumer Information, General, Government, U.S.

Tags: Audit, PricewaterhouseCoopers Consulting, Compliance, Outsource, Assumption, Nothing, Government, Hipaa, Regulatory Compliance, Vertical Industries

HIPAA imageCynergisTek, a computing and security consultant, reported on its blog recently that HIPAA compliance audits will be increased this year, thanks to a contract the government signed with PriceWaterhouseCoopers.

I admit that the significance of this went right by me at first. Then I went, “whaah?”

The government’s enforcement process has just been privatized.

Admittedly there is a huge backlog of audits. CynergisTek reports that the government has a list of over 100 active complaints concerning lax HIPAA compliance, which have to be checked out before anyone knocks on your door.

According to iHealthBeat, PWC is going to review 10-20 organizations under the one-year contract, so unless someone has an outstanding complaint against you you’re probably safe.

But the knock will come, CynergisTek promises. Oh, they work in that area and will be glad to hear from you.

Perhaps you think nothing of this. Nothing gets done on law enforcement until the government hires some private firm to do it. The assumption is the private firm will do it efficiently.

But I know how much a good PWC auditor costs, and I know how much the average civil service auditor makes. I guarantee the latter costs less, unless PWC itself is outsourcing this work to India or someplace.

And would it be too much to askĀ for the public, or at least the industry, to get a gander at that contract? On what basis is PWC being paid? What is their incentive? Is it a fixed price per audit, is it hourly, or is it based on the fines they collect?

The folks at iHealthBeat have another concern. What if PWC has to audit one of its own clients? The government says the company will recuse themselves. Does that mean the audit is then off? Better call PWC, then.

Given the excitement which occurs here whenever I mention the word HIPAA, chances are you have your own questions.

Dana BlankenhornDana Blankenhorn has been a business journalist since 1978, and has covered technology since 1982. He launched the Interactive Age Daily, the first daily coverage of the Internet to launch with a magazine, in September 1994. See his full profile and disclosure of his industry affiliations.

Email Dana Blankenhorn

Subscribe to ZDNet Healthcare via Email alerts or RSS.

  • Talkback
  • Most Recent of 7 Talkback(s)
basics
Will PWC employees know the difference between an autoclave and a microwave? The first OSHA inspectors had no clue. Darrell Pruitt DDS... (Read the rest)
Posted by: Darrell Pruitt DDS Posted on: 01/13/08 You are currently: a Guest | | Terms of Use
Why is the sky blue?????  D. T. Schmitz | 01/10/08
RE: Should HIPAA compliance be outsourced?  Darrell Pruitt DDS | 01/10/08
RE: Should HIPAA compliance be outsourced?  queenofkeyboards@... | 01/11/08
Tax collection used to be outsourced  John L. Ries | 01/11/08
like a foreign country contolling our ports, this is a bad idea. (nt)  wessonjoe | 01/11/08
RE: Should HIPAA compliance be outsourced?  dgalligan | 01/11/08
basics  Darrell Pruitt DDS | 01/13/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline