HIPAA Audits and Enforcement (DOC) by supportc2go


Live Webinar on: HIPAA and EHRs – what your system needs to do so you can be in
compliance with new rules

Enforcement of HIPAA regulations is being stepped up
and new fines and penalties make being ready for an
audit in advance essential.

Get a 15% discount on early bird registrations. Use Promo Key: CGO15

Who will benefit

• Compliance director
• CEO
• CFO
• Privacy Officer
• Security Officer
• Information Systems Manager
• HIPAA Officer
• Chief Information Officer
• Health Information Manager
• Healthcare Counsel/lawyer
• Office Manager
• Contracts Manager

Pricing

Live (Single registration): $189.00
Group (Max 10 Attendees): $499.00

Why should you attend:

The US Department of Health and Human Services
(HHS) is actively developing plans with consulting firm
KPMG to meet requirements in the HITECH Act in the
American Recovery and Reinvestment Act of 2009
(ARRA) for performing periodic audits of compliance
with the HIPAA Privacy and Security Rules. In addition,
new enforcement is taking place related to the new
HIPAA Breach Notification Rule. While in the past
audits had been performed only at entities that had had a
complaint filed against them, the new rule calls for audits
whether or not there is a complaint. This means that the
HHS Office for Civil Rights (OCR) can show up at your
door and ask to perform an audit on short notice, and
your organization will need to be ready.

• If your organization is not ready, the HIPAA rules have
new, significantly higher fines, including mandatory
minimum fines of $10,000 for willful neglect of
compliance. All HIPAA Covered Entities and Business
Associates need to be fully in compliance and prepared
for an audit at any time, or risk the significant fines for
non-compliance.

• In addition, HIPAA enforcement has taken on a new
importance at HHS, as shown in multi-million dollar
fines and even a one million dollar settlement for a
breach of just 192 records. HHS OCR officials have
publicly stated that enforcement is now a priority, and
that means being ready for an audit is more important
than ever. The "slap-on-the-wrist" days are over and
fines and settlements are being levied, with more on the
way -- don't let your organization be hit for an audit

• By using an information security management process,
those responsible for health and payment information
can develop the procedures and policies that can help
prevent security problems, and help prepare the
organization for any incidents, audits, or enforcement

• If you don't take the proper steps to ensure your
patients' health information is being protected according
to the HIPAA Security Rule, you can be hit with
significant fines and penalties. With the increased
HIPAA fines beginning at $10,000 in cases of willful
neglect, providing good information security and being
in compliance are more important than ever.

Description of the topic

In this session we will discuss the HIPAA audit and
enforcement processes and how they apply to covered
entities and business associates. We will explain the
enforcement regulations and their recent changes that
increase fines and create new penalty levels, including
new penalties for willful neglect of compliance that begin
at $10,000. We will discuss what information and
documentation needs to be prepared in advance so that
you can be ready for an audit without notice. Sample
information request forms and questions asked at prior
audits will be presented.

• The session will also cover how to know if you may
become the subject of an audit or enforcement action, and
what you can do to help limit your exposure. We will
discuss how most enforcement actions come about and
what can be done to prevent incidents that lead to

• The HIPAA Privacy, Security, and Breach Notification
regulations (and the recent changes to them) and how
they will be audited will be explained. Documentation
requirements for compliance will be explored and a
framework of security policies necessary for compliance
will be presented. Meeting any set of information
security requirements always involves conducting a
thorough risk analysis to make sure you haven't
overlooked any weaknesses. We'll discuss what's
involved and how it is the cornerstone of your
compliance efforts.

• The results of prior HHS audits (and their penalties)
will be discussed, including recent actions involving
multi-million dollar fines and settlements. A plan for
attaining compliance will be presented. The steps to
follow to prepare for an audit and respond to an audit
request will be outlined. In addition, upcoming trends in
information security risks will be discussed.

Areas Covered in the Seminar:
Fines and penalties for violations of the HIPAA
regulations have been significantly increased and now
include mandatory fines for willful negligence that begin
at $10,000 minimum.

HIPAA Audits have been few and far between in the
past, but that's now changing - the HHS will be auditing
HIPAA covered entities and business associates even if
there have been no complaints or problems reported.

Find out what HHS OCR is likely to ask you if you are
selected for an audit, and what you'll have to have
prepared already when they do.

Find out what the rules are that you need to comply with
and what policies you can adopt that can help you come
into compliance.

Learn how the HIPAA rules have changed and how you
may need to change how you work to keep up with

Learn how having a good compliance process can help
you stay compliant more easily.

Find out what you'll need to have documented to survive
an audit and avoid fines.

Find out what you'll need to think about to deal with
future threats to the security of patient information

About Speaker:

Jim Sheldon-Dean is the founder and director of compliance
services at Lewis Creek Systems, LLC, a Vermont-based
consulting firm founded in 1982, providing information privacy
and security regulatory compliance services to a variety of
health care providers, businesses, universities, small and large
hospitals, urban and rural mental health and social service
agencies, health insurance plans, and health care business
associates. He serves on the HIMSS Information Systems
Security Workgroup, and has co-chaired the Workgroup for
Electronic Data Interchange Privacy and Security
Workgroup. He is a frequent speaker regarding HIPAA and
information privacy and security compliance issues at seminars
and conferences, including speaking engagements at AHIMA
national and regional conventions and WEDI national
conferences, and before the New York Metropolitan Chapter of
the Healthcare Financial Management Association, Health
Information Management Associations of Virginia, New York
City, New York State, and Vermont, the Connecticut Hospital
Association, and the Hospital and Health System Association
of Pennsylvania. Sheldon-Dean has nearly 30 years of
experience in policy analysis and implementation, business
process analysis, information systems and software
development. His experience includes leading the development
of health care related Web sites; award-winning, best-selling
commercial utility software; and mission-critical, fault-tolerant
communications satellite control systems. In addition, he has
eight years of experience doing hands-on medical work as a
Vermont certified volunteer emergency medical
technician. Sheldon-Dean received his B.S. degree, summa
cum laude, from the University of Vermont and his master’s
degree from the Massachusetts Institute of Technology.


                       Compliance2go | www.Compliance2go.com
                       Phone : 877.782.4696 | Fax : 281-971-0286
                         Email : Support@compliance2go.com
