This PDF is the current document as it appeared on Public Inspection on 05/29/2013 at 08:45 am.
Office of the Secretary, HHS.
In compliance with section 3507(a)(1)(D) of the Paperwork Reduction Act of 1995, the Office of the Secretary (OS), Department of Health and Human Services, has submitted an Information Collection Request (ICR), described below, to the Office of Management and Budget (OMB) for review and approval. The ICR is for a new collection. Comments submitted during the first public review of this ICR will be provided to OMB. OMB will accept further comments from the public on this ICR during the review and approval period.
Comments on the ICR must be received on or before July 1, 2013.
Submit your comments to OIRA_submission@omb.eop.gov or via facsimile to (202) 395-5806.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Information Collection Clearance staff, Information.CollectionClearance@hhs.gov or (202) 690-6162.End Further Info End Preamble Start Supplemental Information
When submitting comments or requesting information, please include the Information Collection Request Title and document identifier HHS-OS-19129-30D for reference.
Information Collection Request Title: HIPAA Audit Review Survey.
Abstract: This information collection consists of an online survey of 115 covered entities (health plans, health care clearinghouses, and health care providers) that were audited in 2012 through the Office for Civil Rights HIPAA Audit Program. The survey will gather information on the effect of the audits on the audited entities and the entities' opinions about the audit process.
Need and Proposed Use of the Information: The Office for Civil Rights is currently conducting a review of the HIPAA Audit program to determine its efficacy in assessing the HIPAA compliance efforts of covered entities. As part of that review, the online survey will be used to:
- Measure the effect of the HIPAA Audit program on covered entities;
- Gauge their attitudes towards the audit overall and in regards to major audit program features, such as the document request, communications received, the on-site visit, the audit-report findings and recommendations;
- Obtain estimates of costs incurred by covered entities, in time and money, spent responding to audit-related requests;
- Seek feedback on the effect of the HIPAA Audit program on the day-to-day business operations; and
- Assess whether improvements in HIPAA compliance were achieved as a result of the Audit program.
The information, opinions, and comments collected using the online survey will be used to produce recommendations for improving the HIPAA Audit program.
Likely Respondents: The 115 audit points-of-contact for each covered entity audited as part of the 2012 HIPAA Compliance Audit Program.
Burden Statement: Burden in this context means the time expended by persons to generate, maintain, retain, disclose or provide the information requested. This includes the time needed to review instructions, to develop, acquire, install and utilize technology and systems for the purpose of collecting, validating and verifying information, processing and maintaining information, and disclosing and providing information, to train personnel and to be able to respond to a collection of information, to search data sources, to complete and review the collection of information, and to transmit or otherwise disclose the information. The total annual burden hours estimated for this ICR are summarized in the table below.
|Type of respondent||Form name||Number of respondents||Number of responses per respondent||Average burden per response (in hours)||Total burden hours|
|Covered Entity Privacy and Security Officer(s)||OCR HIPAA Audit Evaluation Survey||115||1||27||52|
Deputy, Information Collection Clearance Officer.
[FR Doc. 2013-12828 Filed 5-29-13; 8:45 am]
BILLING CODE 4153-01-P