HIPAA random audit


Published in: Technology, Business

Live Webinar on: The New HIPAA Random Audit Program: How to be prepared and avoid penalties

Thursday, March 22, 2012
Duration: 01:00 to 02:30 PM EST

Description

After long delays, a random HIPAA Compliance Audit program is finally getting under way; up to 150 covered entities will be audited in 2012, and being prepared in advance is essential.

Get 15% Discount as an early bird registration. Use Promo Key: CGO15

Who will benefit

  • Compliance director
  • CEO
  • CFO
  • Privacy Officer
  • Security Officer
  • Information Systems Manager
  • HIPAA Officer
  • Chief Information Officer
  • Health Information Manager
  • Healthcare Counsel/lawyer
  • Office Manager
  • Contracts Manager

Areas Covered in the Session

  • Fines and penalties for violations of the HIPAA regulations have been significantly increased and now include mandatory fines for willful negligence that begin at $10,000 minimum.
  • HIPAA Audits have been few and far between in the past, but that's now changing - the HHS is now auditing HIPAA covered entities and business associates even if there have been no complaints or problems reported.
  • Find out what HHS OCR is likely to ask you if you are selected for an audit, and what you'll have to have prepared already when they do.
  • Find out what the rules are that you need to comply with and what policies you can adopt that can help you come into compliance.
  • Learn how the HIPAA rules have changed and how you may need to change how you work to keep up with them.
  • Learn how having a good compliance process can help you stay compliant more easily.
  • Find out what you'll need to have documented to survive an audit and avoid fines.
  • Find out what you'll need to think about to deal with future threats to the security of patient information.

Purchase formats

  • $189 One Dial In - One Attendee
  • $249 One Dial In - Unlimited attendance (To be arranged in a Conference room/Meeting room. Note: Only One Dial In Allowed)
  • $289 On Demand (Recording available within 48 hrs after the completion of the webinar)
  • $349 Get Training CD

Why should you attend:

  • The US Department of Health and Human Services (HHS) has begun a program to meet requirements in the HITECH Act in the American Recovery and Reinvestment Act of 2009 (ARRA) for performing periodic audits of compliance with the HIPAA Privacy and Security Rules, and up to 150 random HIPAA compliance audits will be performed by the end of 2012. While in the past, audits had been performed only at entities that had had a complaint filed against them, the new rule calls for audits whether or not there is a complaint. This means that the HHS Office for Civil Rights (OCR) can show up at your door and ask to perform an audit on short notice, and your organization will need to be ready in less than ten business days.
  • If your organization is not ready, the HIPAA rules have new, significantly higher fines, including mandatory minimum fines of $10,000 for willful neglect of compliance. All HIPAA entities need to be fully in compliance and prepared for an audit at any time, or risk the significant fines for non-compliance.
  • In addition, HIPAA enforcement has taken on a new importance at HHS, as shown in multi-million dollar fines and even a one million dollar settlement for a breach of just 192 records. HHS OCR officials have publicly stated that enforcement is now a priority, and that means being ready for an audit is more important than ever. The "slap-on-the-wrist" days are over and fines and settlements are being levied, with more on the way -- don't let your organization be hit for an audit unprepared. And even postal inspectors are now using HIPAA to prosecute identity theft cases.
  • By using an information security management process, those responsible for health information can develop the procedures and policies that can help prevent security problems, and help prepare the organization for any incidents, audits, or enforcement actions.
  • If you don't take the proper steps to ensure your patients' health information is being protected according to the HIPAA Security and Privacy Rules, you can be hit with significant fines and penalties. With the increased HIPAA fines beginning at $10,000 in cases of willful neglect, providing good information security and being in compliance are more important than ever.
  • In addition new enforcement is taking place related to the new HIPAA Breach Notification Rule – when a breach is reported, HHS inspectors can investigate to determine if a penalty is warranted.

Description of the topic:

  • In this session we will discuss the HIPAA audit and enforcement regulations and processes, and how they apply to HIPAA covered entities and business associates, and the new random HIPAA compliance audit program in particular. We will explain the enforcement regulations and the recent changes that increase fines and create new penalty levels, including new penalties for willful neglect of compliance that begin at $10,000. We will discuss what information and documentation must be prepared in advance so that you can be ready for an audit any time. Sample information request forms and questions asked at prior audits will be presented.
  • The session will also cover how to know if you may become the subject of an audit or enforcement action, and what you can do to help limit your exposure. We will discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement.
  • The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to them) and how they will be audited will be explained. Documentation requirements for compliance will be explored and a framework of security policies necessary for compliance will be presented. Meeting any set of information security requirements always involves conducting a thorough risk analysis to make sure you haven't overlooked any weaknesses. We'll discuss what's involved and how it is the cornerstone of your compliance efforts.
  • The results of prior HHS audits (and their penalties) will be discussed, including recent actions involving multi-million dollar fines and settlements. A plan for attaining compliance will be presented. The steps to follow to prepare for an audit and respond to an audit request will be outlined. In addition, upcoming trends in information security risks will be discussed.

About Speaker:

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a variety of health care providers, businesses, universities, small and large hospitals, urban and rural mental health and social service agencies, health insurance plans, and health care business associates. He serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the 2011 WEDI Award of Merit.

He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at AHIMA national and regional conventions and WEDI national conferences, and before the New York Metropolitan Chapter of the Healthcare Financial Management Association, Health Information Management Associations of Virginia, New York City, New York State, and Vermont, the Connecticut Hospital Association, and the Hospital and Health System Association of Pennsylvania.

Sheldon-Dean has nearly 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master's degree from the Massachusetts Institute of Technology.

https://compliance2go.com/index.php?option=com_training&speakerkey=12&productKey=74

Compliance2go | www.Compliance2go.com
Phone: 877.782.4696 | Fax: 281-971-0286
Email: Support@compliance2go.com