The OCR HIPAA Audit program analyzes processes, controls, and policies of selected covered entities pursuant to the HITECH Act audit mandate. OCR established a comprehensive audit protocol that contains the requirements to be assessed through these performance audits. The entire audit protocol is organized around modules, representing separate elements of privacy, security, and breach notification. The combination of these multiple requirements may vary based on the type of covered entity selected for review.
- The protocol covers Security Rule requirements for administrative, physical, and technical safeguards
In this presentation we will discuss the objectives of the HIPAA/HITECH Security Audit, How to accomplish this Audit, How to report within the organization, the fines and penalties that could occur, what steps you can take to document your compliance and the roles and responsibilities within your organization.
Why should you attend:
Organizations must be prepared to meet the HIPAA Requirements. Many organizations have built their HIPAA Security and Privacy Program and believe they are compliant; however they do not do well in an audit. Fortunately, OCR has provided the actual protocol they have used in the past to conduct an Audit of Healthcare facilities. Organizations can use the protocol to self-audit themselves and be better prepared to respond to an audit and prove they are HIPAA compliant potentially saving themselves from OCR issued fines, and the need to create OCR monitored comprehensive corrective action plan to correct deficiencies discovered through an audit process. Fines have been in the millions of dollars but just as important organizations have faced damage to their reputations.
This Webinar will show you where to find the protocol and more importantly how to use this protocol to assess your own organization for HIPAA compliance. This presentation will discuss documentation methods, solutions to some of the more difficult standards and provide insight into how other organizations have addressed the HIPAA needs.
By identifying your Gaps, an organization can create to minimize the impact of an Audit. Prepare today as if you are going to be audited tomorrow. Remember the three words of HIPAA Compliance, Document, Document, and Document.
Areas Covered in the Session:
Who Will Benefit:
- Objectives of the HIPAA Audit
- Steps to Compliance
- Administrative, Technical and Physical Safeguards overview
- HIPAA Evaluation
- Compliance Monitoring (Not a onetime event)
- What to learn from previous Reviews
- What documents you may need to produce
- The fines and Penalties that have been assessed to other organizations
- A review of a sample corrective action plan
- Roles and responsibilities within your organization
- Information Security Officers
- Compliance Officers
- Chief Information Officers