Knowing what questions are likely to be asked and what documentation is necessary to show compliance are key to preparations for HIPAA compliance inquiries, and this session will explore a number of sets of questions and the issues they revealed, leading to enforcement action.
Why You Should Attend
In this webinar, we will discuss the HIPAA audit and enforcement programs and how they work, and discuss the areas that caused the most issues in prior audits and enforcement actions. We will explore what kind of issues and what kind of entities had the most problems, and show where entities need to improve their compliance the most. We will also explore the typical risk issues that lead to breaches of health information and see how those issues may become a target for auditors in the next round.
You will learn what information and documentation must be prepared in advance so that you can be ready for an audit or enforcement review at any time, including sample information request forms and questions asked at prior audits. The session will also cover how to know if you become the subject of an audit or enforcement action, and what you can do to help limit your exposure.
- What the audit process is, what HHS OCR is likely to ask you if you are selected for an audit or compliance review, and what you’ll have to have prepared already when they do
- How to make the HIPAA Audit Protocol useful as a way to organize and track your compliance work, and collect your documentation references
- What you’ll need to have documented to survive an audit or compliance review and avoid fines
- How to use an information security management process to evaluate risks and make decisions about how best to protect PHI and meet patient needs and desires
- Policies and procedures you should have in place
- The training and education that must take place and be documented to ensure your staff uses health information properly and does not risk exposure of PHI
Who Will Benefit
- Compliance director
- Privacy Officer
- Information Systems Manager
- HIPAA Officer
- Chief Information Officer
- Health Information Manager
- Healthcare Counsel/lawyer
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more than 17 years of experience specializing in HIPAA compliance.