Skip to main content
U.S. flag

An official website of the United States government

Return to Search

Audit Pre-Screening Questionnaire

Guidance on HIPAA Audit Pre-Screening Questionnaire

Final

Issued by: Office for Civil Rights (OCR)

Audit Pre-Screening Questionnaire

Audit Pre-Screening Questionnaire Instructions:

The questionnaire is made up of 4 parts: Instructions, Contact/Entity Info, Questions, Review & Submit.

If you are unable to complete the questionnaire in its entirety, you can [SAVE] your responses and complete the questionnaire at a later time using the link that was provided in the email notification. Once [Submit] has been selected, you will not be able to re-access the questionnaire.

Contact/Entity Type – Please review and update as needed. All fields are required. If all fields are not completed before clicking [Continue] or the Questionnaire tab the system will display at the top of the screen a list of the missing information.

Questionnaire – A response is required for all questions. If all fields are not completed before clicking [Review and Submit] the system will display at the top of the screen a list of the missing information.

Review & Submit – The system will display all questions with your responses. Scroll to the bottom to select [Print] to retain a copy of your responses. To change a response, click the Questionnaire tab at the top of the screen. Click [Submit] to submit your responses. Once submitted, access to the questionnaire is no longer available.

Questions:

Basic Description Information About Your Organization

Question 1: Entity is:

Answer Choices:

  • Public
  • Private

Question 2: Entity is:

Answer Choices:

  • Single location only (the primary operations and any support activities are co-located)
  • Multi-location (the organization has multiple service delivery sites and/or separate support facilities)

Question 3: Is your organization part of, affiliated with, or otherwise owned or controlled by another organization?

Answer Choices:

  • No
  • Yes

Question 4: If your organization is a part of, affiliated with, or otherwise owned or controlled by another organization, identify the organization and describe the relationship to your entity: (If your answer to #3 is “No”, enter N/A for the relationship and organization)

Answer Choices:

  • Nature of relationship
  • Name of other organization

Healthcare Providers

Question 5: Are you a HIPAA covered entity?

Answer Choices:

  • Yes
  • No

Question 6: Does your organization or another entity on your behalf, conduct health care transactions (such as submitting a claim for payment, checking patient health plan eligibility or benefit coverage, or receipt of payment or remittance advice) in electronic form?

Answer Choices:

  • Yes
  • No

Question 7: What type of health care provider are you (hospital, urgent care, skilled nursing, etc.)?

Answer Choices:

Question 8: How many patient visits in the prior fiscal year?

Answer Choices:

Question 9: How many patient beds do you have (if applicable)?

Answer Choices:

Question 10: What is the current number of clinicians on staff or with privileges in the facility(ies)?

Answer Choices:

Question 11: Do you maintain or transmit protected health information in electronic format?

Answer Choices:

  • Yes
  • No

Question 12: Do you use electronic medical records?

Answer Choices:

  • Yes
  • No

Question 13: What is the total revenue for the most recent fiscal year?

Answer Choices:

Health Plans

Question 14: Are you a Group Health Plan sponsor responding on its behalf?

Answer Choices:

  • Yes
  • No

Question 15: What is the total number of members within your health plan(s)?

Answer Choices:

Question 16: What is the average number of claims processed monthly in the most recent fiscal year?

Answer Choices:

Question 17: What is the total revenue for the most recent fiscal year?

Answer Choices:

Question 18: Do you utilize a third party administrator (TPA) or other entity to perform most of the health plan functions?

Answer Choices:

  • No
  • Yes (Note: Selecting “Yes” will require you to supply the following information: “If yes, please provide the name, address, email address, phone number, an alternate contact and an appropriate contact person at the TPA or other entity (e.g., health insurance issuer or HMO):”)

Question 19: If you are a group health plan sponsor, do you receive only summary data from the group health plan, health insurance issuer, or HMO?

Answer Choices:

  • Yes
  • No
  • N/A

Healthcare Clearinghouse

Question 20: What is the total number of transactions processed monthly in the most recent fiscal year?

Answer Choices:

Question 21: What is the current number of healthcare providers, health plans, and other entities served?

Answer Choices:

Question 22: What is the total revenue for the most recent fiscal year?

Answer Choices:

Question 23: Do you operate only as a business associate and do not maintain protected health information or perform covered functions as a covered entity apart from your activities as a business associate?

Answer Choices:

Business Associates

Question 24: Please briefly describe the nature of your business associate activities (e.g., billing, third party administrator, information technology support, legal services, etc.).

Answer Choices:

Question 25: Identify the type(s) of covered entity(ies) for which you provide business associate functions (choose all that apply).

Answer Choices:

  • Health Care Provider
  • Health Plan
  • Heath Care Clearinghouse

Question 26: Identify whether any of the covered entity(ies) for which you provide business associate functions are Organized Health Care Arrangements (OHCA) or Affiliated Covered Entities (ACE) (choose all that apply).

Answer Choices:

  • OHCA
  • ACE
  • Neither
  • Not sure

Question 27: Identify the approximate number of each type of covered entity for which you provide business associate functions: (please indicate a number for each option selected): NOTE: If you provide business associate functions for OHCA’s or ACE’s, please add the component covered entities separately into the totals below. For example, if you are a business associate to an OCHA comprised of 10 covered providers, add 10 to the covered provider total option below)

Answer Choices:

  • Health Care Provider
  • Health Plan
  • Health Care Clearinghouse

Question 28: Do your business associate activities involve maintaining or transmitting protected health information in electronic form?

Answer Choices:

  • Yes
  • No

Question 29: Do you perform business associate functions in more than one state?

Answer Choices:

Question 30: What is the approximate total revenue from all of your business associate activities in the most recent fiscal year?

Answer Choices:

HHS is committed to making its websites and documents accessible to the widest possible audience, including individuals with disabilities. We are in the process of retroactively making some documents accessible. If you need assistance accessing an accessible version of this document, please reach out to the guidance@hhs.gov.

DISCLAIMER: The contents of this database lack the force and effect of law, except as authorized by law (including Medicare Advantage Rate Announcements and Advance Notices) or as specifically incorporated into a contract. The Department may not cite, use, or rely on any guidance that is not posted on the guidance repository, except to establish historical facts.