HIPAA Privacy and Security Rules call for new audits protocols.

Published on May 2016 | Categories: Documents | Downloads: 15 | Comments: 0 | Views: 166
of 3
Download PDF   Embed   Report

HIPAA Privacy and Security call for audits and how to covered entities and business associates with particular audit program .The process necessary to keep HIPAA policies Security, Breach Notification regulations and procedures are current and effective.

Comments

Content

The New HIPAA Audit Protocol - Know What To Do Before They Call
This 90-minute webinar will explain how HIPAA audits are conducted, what the auditors will look for, what they will ask and how. This training will prepare all HIPAA covered entities and business associates to be fully in compliance and be prepared for an audit at any time and to quickly respond to audits. Description Why Should You Attend: The new HIPAA Privacy and Security Rules call for audits whether or not there is a breach or a complaint. This means that the HHS Office for Civil Rights (OCR) can show up at your door and ask to perform an audit on short notice, and your organization will need to be ready. In this session we will discuss the HIPAA audit processes and how they apply to covered entities and business associates, and the new random HIPAA compliance audit program in particular. We will review the new audit processes and discuss what will be asked in an audit and how. Protocols and the questions asked at recent audits will be explained. Sample information request forms and questions asked at prior audits will be presented. The presenter will explain the HIPAA Privacy, Security, and Breach Notification regulations and how they will be audited. Documentation requirements for compliance will be explored and a framework of security policies necessary for compliance will be presented. Areas Covered in the Seminar: An explanation of the regulations and their recent changes including new fines and penalties. The audit process – how does it start and what does it involve? The documentation required to be provided in an audit, and how to maintain it. Sample questions from prior HIPAA audits. How to limit your exposure during an audit by adopting good HIPAA policies and procedures in advance. The process necessary to keep your HIPAA policies and procedures current and effective. Potential penalties for non-compliance.

Who Will Benefit: Information Security Officers. Risk Managers. Compliance Officers Privacy Officers Health Information Managers Information Technology Managers Medical Office Managers Chief Financial Officers Systems Managers Legal Counsel Operations Directors Medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc.) Instructor Profile: Jim Sheldon-Dean, is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a variety of health care providers, businesses, universities, small and large hospitals, urban and rural mental health and social service agencies, health insurance plans, and health care business associates. Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, serves on the WEDI Breach Notification sub-workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C. Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Topic Background: The US Department of Health and Human Services (HHS) Office for Civil Rights has begun a program to meet requirements in the HITECH Act in the American Recovery and Reinvestment Act of 2009 (ARRA) for performing periodic audits of compliance with the HIPAA Privacy and Security Rules. While in the past, audits had been performed only at entities that had had a breach or had a complaint filed against them, the new rule calls for audits whether or not there is a breach or a complaint. This means that the HHS Office for Civil Rights (OCR) can show up at your door and ask to perform an audit on short notice, and your organization will need to be ready. Now information is available on how the audits are conducted and what the auditors are looking for, and if you want to stay ahead of the auditors, you will need to be able to quickly respond to audits. The best way to do that is to know what they will ask. If your organization is not ready, the HIPAA rules have new, significantly higher fines, including mandatory minimum fines of $10,000 for willful neglect of compliance. All HIPAA Covered Entities and Business Associates need to be fully in compliance and prepared for an audit at any time, or risk the significant fines for non-compliance.

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close