Adam Greene

Adam Greene

At a recent HIPAA-HITECH Blue Ribbon Panel hosted by Clearwater Compliance Adam Greene, a Partner with Davis Wright Tremaine LLP, warns “OCR is losing patience quickly with organizations who aren’t prepared,” and expands “Not having a risk analysis in place, not encrypting laptops, failing to have a culture of compliance…there was a day when a corrective action plan would be enough to satisfy OCR in these areas, but those days are behind us.

This follows OCR’s recent announcement to conduct 12,000 audits and a recent increase in enforcement action by the Federal Trade Commission.

The consistent guidance coming from all parties seems to be that compliance is a journey but while organizations may find themselves at different stages there is no excuse for the failure to conduct at least Risk Assessment. And failure to do so could have significant implications should be be audited or have a breach.

You can read the full press release here.