Can I skip monitoring and auditing compliance with CCPA in Indiana? What are the requirements?

Based on the provided context documents, it is not clear whether CCPA compliance monitoring and auditing can be skipped in Indiana. However, there are several requirements for compliance monitoring and auditing in Indiana that may be relevant to CCPA compliance.

Relevant Requirements for Compliance Monitoring and Auditing in Indiana

• Auditing: The funds, accounts, management, and operations of the commission under this chapter are subject to an audit by the state board of accounts ^[1.2].
• Compliance with data collection requirements: The following shall comply with the data collection requirements of the program: (1) A health coverage provider. (2) A health care provider. (3) An out-of-state health coverage provider that provides health coverage, administers health coverage provided, or maintains records concerning health coverage provided to an individual who resides or receives health care services in Indiana. (4) An out-of-state health care provider that provides health care services or maintains records concerning health care services provided to an individual who resides or receives health care services in Indiana ^[1.3].
• Access for inspections and monitoring of facilities that house or hold juveniles: Any facility that is used or has been used to house or hold juveniles shall give a representative or designee of the Indiana criminal justice institute’s compliance monitoring program reasonable access to inspect and monitor the facility to ensure that the requirements of the Juvenile Justice and Delinquency Prevention Act are maintained ^[1.5].
• Compliance documentation: A personal services agency shall document evidence of compliance with the requirements of this chapter and document services provided to clients. The documentation or copies of the documentation must be maintained or be electronically accessible at a personal services agency’s office in Indiana for not less than seven (7) years ^[1.7].
• Auditing procedures: The establishment of procedures for auditing submitted claims by a contracted pharmacy in a manner established by administrative rules under IC 4-22-2 by the department. The auditing procedures may not use extrapolation or any similar methodology; may not allow for recovery by a pharmacy benefit manager of a submitted claim due to clerical or other error where the patient has received the drug for which the claim was submitted; must allow for recovery by a contracted pharmacy for underpayments by the pharmacy benefit manager; and may only allow for the pharmacy benefit manager to recover overpayments on claims that are actually audited and discovered to include a recoverable error ^[1.9].

Based on the above requirements, it is recommended that you consult with a legal expert to determine the specific compliance monitoring and auditing requirements for CCPA in Indiana.

^[1.2]: IC 4-23-34-14 ^[1.3]: IC 16-40-4-6 ^[1.5]: IC 31-37-4-4 ^[1.7]: IC 16-27-4-18 ^[1.9]: IC 27-1-24.5-22

Source(s):

• [1.2] Auditing
• [1.3] Compliance with data collection requirements
• [1.5] Access for inspections and monitoring of facilities that house or hold juveniles
• [1.7] Compliance documentation
• [1.9] Required information; appeals process; auditing procedures

Jurisdiction

Indiana

• Privacy