Download:
pdf |
pdfOCR HIPAA Audit - Entity Survey
Survey Instructions & Objective
Form Approved
OMB No. 0945 xxxx
Exp. Date XX/XX/20XX
Questionnaire Instructions and Objective
Survey Instructions:
Please complete the screening questionnaire by providing the requested information below. After checking the
appropriate boxes to indicate your entity type please respond to the referenced questions. Answer questions to the
best of your knowledge. Data will be kept private to the extent allowed by law. Please submit your responses by the
deadline provided.
Survey Objective:
This screening questionnaire is intended to gather data about the size, complexity, and operations of potential auditees
for the HIPAA Privacy, Security and Breach Notification Audit Program. These data will be used with other information
to help us select entities that reflect a variety of types, size, and locations for the Audit Program.
Please note that if your organization is selected for audit, communications from OCR will be sent to the email addresses
of the contact persons identified below.
____________________________________________________________________________
According to the Paperwork Reduction Act of 1995, no persons are required to respond to a collection of information
unless it displays a valid OMB control number. The valid OMB control number for this information collection is 0945
xxxx . The time required to complete this information collection is estimated to average 30 minutes per response,
including the time to review instructions, search existing data resources, gather the data needed, and complete and
review the information collection. If you have comments concerning the accuracy of the time estimate(s) or suggestions
for improving this form, please write to: U.S. Department of Health & Human Services, OS/OCIO/PRA, 200 Independence
Ave., S.W., Suite 336E, Washington D.C. 20201, Attention: PRA Reports Clearance Officer
Page 1
�OCR HIPAA Audit - Entity Survey
A. Contact information
*1. Please provide the following information:
Entity Name:
Privacy Officer or Primary
Contact Name:
Title:
Email address:
Phone Number:
Address for official
correspondence:
*2. Please designate an additional individual as an alternate or backup for the primary
contact:
Name:
Title:
Email address:
Phone Number:
Page 2
�OCR HIPAA Audit - Entity Survey
B. Basic descriptive information about your organization
*3. Entity is:
j Public
k
l
m
n
j Private
k
l
m
n
*4. Entity is:
j Multilocation (the organization has multiple service delivery sites and/or separate support facilities.
k
l
m
n
j Single location only (the primary operations and any support activities are colocated)
k
l
m
n
*5. Is your organization part of, affiliated with, or otherwise owned or controlled by
another organization?
j No
k
l
m
n
j Yes
k
l
m
n
Page 3
�OCR HIPAA Audit - Entity Survey
B. Basic descriptive information about your organization (cont'd)
*6. If your organization is a part of, affiliated with, or otherwise owned or controlled by
another organization, identify the organization and describe the relationship to your
entity:
Name of other organization:
Nature of relationship:
Page 4
�OCR HIPAA Audit - Entity Survey
C. Health Care Providers
*7. Are you a health care provider?
j Yes
k
l
m
n
j No
k
l
m
n
Page 5
�OCR HIPAA Audit - Entity Survey
C. Health Care Providers (cont'd)
*8. Are you a HIPAA covered entity?
j Yes
k
l
m
n
j No
k
l
m
n
j Not sure
k
l
m
n
Page 6
�OCR HIPAA Audit - Entity Survey
*9. Does your organization, or another entity on your behalf, conduct health care
transactions (such as submitting a claim for payment, checking patient health plan
eligibility or benefit coverage, receipt of payment or remittance advice) in electronic form?
j Yes
k
l
m
n
j No
k
l
m
n
*10. What type of health care provider are you (hospital, urgent care, skilled nursing,
etc.)?
5
6
*11. How many patient visits in the prior fiscal year?
*12. How many patient beds do you have (if applicable)?
*13. What is the current number of clinicians on staff or with privileges in the facility(ies)?
*14. Do you maintain or transmit protected health information in electronic format?
j Yes
k
l
m
n
j No
k
l
m
n
*15. Do you use electronic medical records?
j Yes
k
l
m
n
j No
k
l
m
n
*16. What is the total revenue for the most recent fiscal year?
5
6
Page 7
�OCR HIPAA Audit - Entity Survey
D. Health Plans
*17. Are you a health plan?
j Yes
k
l
m
n
j No
k
l
m
n
18. If you are a health plan, are you a Group Health Plan sponsor responding on its behalf?
j Yes
k
l
m
n
j No
k
l
m
n
Page 8
�OCR HIPAA Audit - Entity Survey
D. Health Plans (cont'd)
*19. What is the total number of members within your health plan(s)?
5
6
*20. What is the average number of claims processed monthly in the most recent fiscal
year?
5
6
*21. What is the total revenue for the most recent fiscal year?
5
6
*22. Do you utilize a third party administrator (TPA) or other entity to perform most of the
health plan functions?
j No
k
l
m
n
j Yes
k
l
m
n
j If yes, please provide the name, address, email address, phone number, an alternate contact and an appropriate contact person at the
k
l
m
n
TPA or other entity (e.g., health insurance issuer or HMO):
5
6
*23. If you are a group health plan sponsor, do you receive only summary data from the
group health plan, health insurancer issuer, or HMO?
j Yes
k
l
m
n
j No
k
l
m
n
Page 9
�OCR HIPAA Audit - Entity Survey
E. Health Care Clearinghouses
24. Are you a health care clearinghouse?
c Yes
d
e
f
g
c No
d
e
f
g
Page 10
�OCR HIPAA Audit - Entity Survey
E. Health Care Clearinghouses (cont'd)
*25. What is the total number of transactions processed monthly in the most recent fiscal
year?
5
6
*26. What is the current number of health care providers, health plans, and other entities
served?
5
6
*27. What is the total revenue for the most recent fiscal year?
5
6
*28. Do you operate only as a business associate and do not maintain protected health
information or perform covered functions as a covered entity apart from your activities as
a business associate?
j Yes
k
l
m
n
j No
k
l
m
n
Page 11
�OCR HIPAA Audit - Entity Survey
F. Business Associates
*29. Are you a business associate of a health care provider, a health plan, or a health care
clearinghouse?
c Yes
d
e
f
g
c No
d
e
f
g
Page 12
�OCR HIPAA Audit - Entity Survey
F. Business Associates (cont'd)
*30. Please briefly describe the nature of your business associate activities (e.g., billing,
third party administrator, information technology support, legal services, etc.)?
5
6
*31. Identify the type(s) of covered entity(ies) for which you provide business associate
functions (choose all that apply):
c Health Care Provider
d
e
f
g
c Health Plan
d
e
f
g
c Health Care Clearinghouse
d
e
f
g
*32. Identify whether any of the covered entity(ies) for which you provide business
associate functions are Organized Health Care Arrangements (OHCA) or Affiliated Covered
Entities (ACE) (choose all that apply).
c OHCA
d
e
f
g
c ACE
d
e
f
g
c Neither
d
e
f
g
c Not sure
d
e
f
g
*33. Identify the number of each type covered entity for which you provide business
associate functions: (please indicate a number for each option selected):
NOTE: If you provide business associate functions for OHCA's or ACE's, please add the
component covered entities separately into the totals below. For example, if you are a
business associate to an OHCA comprised of 10 covered providers, add 10 to the covered
provider total option below).
Health Care Provider:
Health Plan:
Health Care Clearinghouse:
Page 13
�OCR HIPAA Audit - Entity Survey
*34. Identify the number of each type covered entity with which you have business
associate agreements: (please indicate a number for each option selected):
Health Care Provider:
Health Plan:
Health Care Clearinghouse:
*35. Do your business associate activities involve maintaining or transmitting protected
health information in electronic form?
j Yes
k
l
m
n
j No
k
l
m
n
*36. Do you perform business associate functions in more than one State?
5
6
*37. What is the total revenue from all of your business associate activities in the most
recent fiscal year?
5
6
Page 14
�
| File Type | application/pdf |
| File Modified | 2015-03-13 |
| File Created | 2014-05-06 |