Skip to main content

In the months before a transition to a new administration, the Office for Civil Rights (OCR) released the long-awaited 2016-2017 HIPAA Audits Industry Report, offering a look at the successes and shortcomings of select covered entities (CE) and business associates (BA).

Among the major takeaways: Eighty-nine percent of the audited CEs failed to show they were correctly implementing the individual right of access.

To provide an extra layer of analysis, OCR created a rating system to show varying degrees of compliance, with a 1 rating representing the highest level of compliance and a 5 rating representing the lowest. Only one audited CE received a 1 rating for its access implementation. The majority of CEs (78%) received either a 4 or 5 rating.


Bowen is an established author and speaker on healthcare privacy and security. She is an active member of the American Health Information Management Association (AHIMA), having served as its President and Board Chair, as a member of the Board of Directors and of the Council on Certification, and currently sits on the AHIMA Foundation Board of Directors. In her role at MRO, Bowen works with clients to ensure HIM policies and procedures are to code. Additionally, Bowen serves as the company’s Privacy and Compliance Officer (CPO).

More Posts