Questionnaire - Covered Entity Administrator or Privacy Officer(s)

HIPAA Covered Entity and Business Associate Pre-Audit Survey

Survey 03 13 2015

Questionnaire - Covered Entity Administrator or Privacy Officer(s)

OMB: 0945-0007

Document [pdf]
Download: pdf | pdf
OCR HIPAA Audit - Entity Survey
Survey Instructions & Objective

 

Form Approved 
OMB No. 0945 ­ xxxx 
Exp. Date XX/XX/20XX 
 
Questionnaire Instructions and Objective
Survey Instructions:
Please complete the screening questionnaire by providing the requested information below. After checking the
appropriate boxes to indicate your entity type please respond to the referenced questions. Answer questions to the
best of your knowledge. Data will be kept private to the extent allowed by law. Please submit your responses by the
deadline provided.
Survey Objective:
This screening questionnaire is intended to gather data about the size, complexity, and operations of potential auditees
for the HIPAA Privacy, Security and Breach Notification Audit Program. These data will be used with other information
to help us select entities that reflect a variety of types, size, and locations for the Audit Program.
Please note that if your organization is selected for audit, communications from OCR will be sent to the email addresses
of the contact persons identified below.
 
 
 
 
____________________________________________________________________________ 
According to the Paperwork Reduction Act of 1995, no persons are required to respond to a collection of information 
unless it displays a valid OMB control number. The valid OMB control number for this information collection is 0945 ­ 
xxxx . The time required to complete this information collection is estimated to average 30 minutes per response, 
including the time to review instructions, search existing data resources, gather the data needed, and complete and 
review the information collection. If you have comments concerning the accuracy of the time estimate(s) or suggestions 
for improving this form, please write to: U.S. Department of Health & Human Services, OS/OCIO/PRA, 200 Independence 
 
Ave., S.W., Suite 336­E, Washington D.C. 20201, Attention: PRA Reports Clearance Officer 

Page 1

OCR HIPAA Audit - Entity Survey
A. Contact information

 

*1. Please provide the following information:
Entity Name:
Privacy Officer or Primary 
Contact Name:
Title:
Email address:
Phone Number:
Address for official 
correspondence:

*2. Please designate an additional individual as an alternate or backup for the primary

contact:
Name:
Title:

Email address:
Phone Number:

 

Page 2

OCR HIPAA Audit - Entity Survey
B. Basic descriptive information about your organization

 

*3. Entity is:
j Public
k
l
m
n

 

j Private
k
l
m
n

 

*4. Entity is:
j Multi­location (the organization has multiple service delivery sites and/or separate support facilities.
k
l
m
n
j Single location only (the primary operations and any support activities are co­located)
k
l
m
n

 

 

*5. Is your organization part of, affiliated with, or otherwise owned or controlled by

another organization?
j No
k
l
m
n

 

j Yes 
k
l
m
n

 

 

Page 3

OCR HIPAA Audit - Entity Survey
B. Basic descriptive information about your organization (cont'd)

 

*6. If your organization is a part of, affiliated with, or otherwise owned or controlled by

another organization, identify the organization and describe the relationship to your
entity:
Name of other organization:
Nature of relationship:

 

Page 4

OCR HIPAA Audit - Entity Survey
C. Health Care Providers

 

*7. Are you a health care provider?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

 

Page 5

OCR HIPAA Audit - Entity Survey
C. Health Care Providers (cont'd)

 

*8. Are you a HIPAA covered entity?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

j Not sure
k
l
m
n

 

 

Page 6

OCR HIPAA Audit - Entity Survey
 

*9. Does your organization, or another entity on your behalf, conduct health care

transactions (such as submitting a claim for payment, checking patient health plan
eligibility or benefit coverage, receipt of payment or remittance advice) in electronic form?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

*10. What type of health care provider are you (hospital, urgent care, skilled nursing,

etc.)?

5
6  

*11. How many patient visits in the prior fiscal year?
 

*12. How many patient beds do you have (if applicable)?
 

*13. What is the current number of clinicians on staff or with privileges in the facility(ies)?
 

*14. Do you maintain or transmit protected health information in electronic format?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

*15. Do you use electronic medical records?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

*16. What is the total revenue for the most recent fiscal year?
5
6  

 

Page 7

OCR HIPAA Audit - Entity Survey
D. Health Plans

 

*17. Are you a health plan?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

18. If you are a health plan, are you a Group Health Plan sponsor responding on its behalf?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

 

Page 8

OCR HIPAA Audit - Entity Survey
D. Health Plans (cont'd)

 

*19. What is the total number of members within your health plan(s)?
5
6  

*20. What is the average number of claims processed monthly in the most recent fiscal

year?

5
6  

*21. What is the total revenue for the most recent fiscal year?
5
6  

*22. Do you utilize a third party administrator (TPA) or other entity to perform most of the

health plan functions?
j No
k
l
m
n

 
 

j Yes
k
l
m
n

j If yes, please provide the name, address, email address, phone number, an alternate contact and an appropriate contact person at the 
k
l
m
n
TPA or other entity (e.g., health insurance issuer or HMO): 

5

6  

*23. If you are a group health plan sponsor, do you receive only summary data from the

group health plan, health insurancer issuer, or HMO?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

 

Page 9

OCR HIPAA Audit - Entity Survey
E. Health Care Clearinghouses

 

24. Are you a health care clearinghouse?
 

c Yes
d
e
f
g
c No
d
e
f
g

 

 

Page 10

OCR HIPAA Audit - Entity Survey
E. Health Care Clearinghouses (cont'd)

 

*25. What is the total number of transactions processed monthly in the most recent fiscal

year?

5
6  

*26. What is the current number of health care providers, health plans, and other entities

served?

5
6  

*27. What is the total revenue for the most recent fiscal year?
5
6  

*28. Do you operate only as a business associate and do not maintain protected health

information or perform covered functions as a covered entity apart from your activities as
a business associate?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

 

Page 11

OCR HIPAA Audit - Entity Survey
F. Business Associates

 

*29. Are you a business associate of a health care provider, a health plan, or a health care

clearinghouse?
 

c Yes
d
e
f
g
c No
d
e
f
g

 

 

Page 12

OCR HIPAA Audit - Entity Survey
F. Business Associates (cont'd)

 

*30. Please briefly describe the nature of your business associate activities (e.g., billing,

third party administrator, information technology support, legal services, etc.)?
5
6  

*31. Identify the type(s) of covered entity(ies) for which you provide business associate

functions (choose all that apply):
c Health Care Provider
d
e
f
g
c Health Plan
d
e
f
g

 

 

c Health Care Clearinghouse
d
e
f
g

 

*32. Identify whether any of the covered entity(ies) for which you provide business

associate functions are Organized Health Care Arrangements (OHCA) or Affiliated Covered
Entities (ACE) (choose all that apply).
c OHCA
d
e
f
g
c ACE
d
e
f
g

 

 

c Neither
d
e
f
g

 

c Not sure
d
e
f
g

 

*33. Identify the number of each type covered entity for which you provide business

associate functions: (please indicate a number for each option selected):

NOTE: If you provide business associate functions for OHCA's or ACE's, please add the
component covered entities separately into the totals below. For example, if you are a
business associate to an OHCA comprised of 10 covered providers, add 10 to the covered
provider total option below).
Health Care Provider:
Health Plan:
Health Care Clearinghouse:

Page 13

OCR HIPAA Audit - Entity Survey

*34. Identify the number of each type covered entity with which you have business

associate agreements: (please indicate a number for each option selected):
Health Care Provider:
Health Plan:
Health Care Clearinghouse:

*35. Do your business associate activities involve maintaining or transmitting protected

health information in electronic form?
 

j Yes
k
l
m
n
j No
k
l
m
n

 

*36. Do you perform business associate functions in more than one State?
5
6  

*37. What is the total revenue from all of your business associate activities in the most

recent fiscal year?

5
6  

Page 14


File Typeapplication/pdf
File Modified2015-03-13
File Created2014-05-06

© 2024 OMB.report | Privacy Policy