| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by marcinzm 2415 days ago
	>The dept of HHS requires any organization with HIPAA business associate status to regularly undergo audits. Can you provide a link to this requirement? The HIPAA/HITECH laws provide no requirements for an external audit (and self-audits aren't actually audits) and the HHS, as far as I know, only does small sample random audits unless a complaint was made.