HIPAA Random Audit

Live Webinar on: The New HIPAA Random Audit Program: How to be prepared and avoid penalties
Thursday, March 22, 2012, duration: 01:00 to 02:30 PM EST

After long delays, a random HIPAA Compliance Audit
program is finally getting under way; up to 150 covered
entities will be audited in 2012, and being prepared in
advance is essential.

Get 15 % Discount as an early bird registration. Use Promo Key :

Who will benefit

· Compliance director
· CEO
· CFO
· Privacy Officer
· Security Officer
· Information Systems Manager
· HIPAA Officer
· Chief Information Officer
· Health Information Manager
· Healthcare Counsel/lawyer
· Office Manager
· Contracts Manager

Areas Covered in the Session

• Fines and penalties for violations of the HIPAA
regulations have been significantly increased and now
include mandatory fines for willful negligence that
begin at $10,000 minimum.

• HIPAA Audits have been few and far between in the
past, but that's now changing - the HHS is now
auditing HIPAA covered entities and business
associates even if there have been no complaints or
problems reported.

• Find out what HHS OCR is likely to ask you if you
are selected for an audit, and what you'll have to have
prepared already when they do.

• Find out what the rules are that you need to comply
with and what policies you can adopt that can help you
come into compliance.

• Learn how the HIPAA rules have changed and how
you may need to change how you work to keep up
with them.

• Learn how having a good compliance process can
help you stay compliant more easily.

• Find out what you'll need to have documented to
survive an audit and avoid fines.

• Find out what you'll need to think about to deal with
future threats to the security of patient information.

Purchase formats

$189 One Dial In - One
$249 One Dial In - Unlimited attendance (To be arranged in a Conference room/Meeting room. Note : Only One Dial In Allowed)
$289 On Demand (Recording available within 48 hrs after the completion of the webinar)
$349 Get Training CD

Why should you attend:

• The US Department of Health and Human Services
(HHS) has begun a program to meet requirements in the
HITECH Act in the American Recovery and
Reinvestment Act of 2009 (ARRA) for performing
periodic audits of compliance with the HIPAA Privacy
and Security Rules, and up to 150 random HIPAA
compliance audits will be performed by the end of
2012. While in the past, audits had been performed
only at entities that had had a complaint filed against
them, the new rule calls for audits whether or not there
is a complaint. This means that the HHS Office for
Civil Rights (OCR) can show up at your door and ask
to perform an audit on short notice, and your
organization will need to be ready in less than ten
business days.

• If your organization is not ready, the HIPAA rules
have new, significantly higher fines, including
mandatory minimum fines of $10,000 for willful neglect
of compliance. All HIPAA entities need to be fully in
compliance and prepared for an audit at any time, or
risk the significant fines for non-compliance.

• In addition, HIPAA enforcement has taken on a new
importance at HHS, as shown in multi-million dollar
fines and even a one million dollar settlement for a
breach of just 192 records. HHS OCR officials have
publicly stated that enforcement is now a priority, and
that means being ready for an audit is more important
than ever. The "slap-on-the-wrist" days are over and
fines and settlements are being levied, with more on the
way -- don't let your organization be hit for an audit
unprepared. And even postal inspectors are now using
HIPAA to prosecute identity theft cases.

• By using an information security management
process, those responsible for health information can
develop the procedures and policies that can help
prevent security problems, and help prepare the
organization for any incidents, audits, or enforcement

• If you don't take the proper steps to ensure your
patients' health information is being protected
according to the HIPAA Security and Privacy Rules,
you can be hit with significant fines and penalties.
With the increased HIPAA fines beginning at $10,000 in
cases of willful neglect, providing good information
security and being in compliance are more important
than ever.

• In addition new enforcement is taking place related to
the new HIPAA Breach Notification Rule – when a
breach is reported, HHS inspectors can investigate to
determine if a penalty is warranted.

Description of the topic:
• In this session we will discuss the HIPAA audit and
enforcement regulations and processes, and how they apply
to HIPAA covered entities and business associates, and the
new random HIPAA compliance audit program in particular.
We will explain the enforcement regulations and the recent
changes that increase fines and create new penalty levels,
including new penalties for willful neglect of compliance that
begin at $10,000. We will discuss what information and
documentation must be prepared in advance so that you can
be ready for an audit any time. Sample information request
forms and questions asked at prior audits will be presented.

• The session will also cover how to know if you may become
the subject of an audit or enforcement action, and what you
can do to help limit your exposure. We will discuss how
most enforcement actions come about and what can be done
to prevent incidents that lead to enforcement.

• The HIPAA Privacy, Security, and Breach Notification
regulations (and the recent changes to them) and how they
will be audited will be explained. Documentation
requirements for compliance will be explored and a
framework of security policies necessary for compliance will
be presented. Meeting any set of information security
requirements always involves conducting a thorough risk
analysis to make sure you haven't overlooked any
weaknesses. We'll discuss what's involved and how it is the
cornerstone of your compliance efforts.

• The results of prior HHS audits (and their penalties) will be
discussed, including recent actions involving multi-million
dollar fines and settlements. A plan for attaining compliance
will be presented. The steps to follow to prepare for an audit
and respond to an audit request will be outlined. In addition,
upcoming trends in information security risks will be

About Speaker:

Jim Sheldon-Dean is the founder and director of
compliance services at Lewis Creek Systems, LLC, a
Vermont-based consulting firm founded in 1982,
providing information privacy and security regulatory
compliance services to a variety of health care
providers, businesses, universities, small and large
hospitals, urban and rural mental health and social
service agencies, health insurance plans, and health
care business associates. He serves on the HIMSS
Information Systems Security Workgroup, has
co-chaired the Workgroup for Electronic Data Interchange
Privacy and Security Workgroup, and is a recipient of
the 2011 WEDI Award of Merit. He is a frequent
speaker regarding HIPAA and information privacy and
security compliance issues at seminars and conferences,
including speaking engagements at AHIMA national
and regional conventions and WEDI national
conferences, and before the New York Metropolitan
Chapter of the Healthcare Financial Management
Association, Health Information Management
Associations of Virginia, New York City, New York
State, and Vermont, the Connecticut Hospital
Association, and the Hospital and Health System
Association of Pennsylvania. Sheldon-Dean has nearly
30 years of experience in policy analysis and
implementation, business process analysis, information
systems and software development. His experience
includes leading the development of health care related
Web sites; award-winning, best-selling commercial
utility software; and mission-critical, fault-tolerant
communications satellite control systems. In addition,
he has eight years of experience doing hands-on
medical work as a Vermont certified volunteer
emergency medical technician. Sheldon-Dean received
his B.S. degree, summa cum laude, from the University
of Vermont and his master’s degree from the
Massachusetts Institute of Technology.

                        Compliance2go |
                        Phone : 877.782.4696 | Fax : 281-971-0286
                          Email :

Description: Awareness and ideas can really change the way we work, but it is also crucial that they are allowed to bloom and be nurtured with the various rules, regulations and other such compliance issues in mind. The Compliance2go staff therefore makes a committed effort to bring the best of the ever-changing and important laws to those who need to be educated in this regard. We commit to bringing you quality webinars from industry experts in a timely fashion, ensuring your business strategy is on the right track to face the future bounties. The best part of this kind of learning is that you don't have to spend money on going to any location. As the name Compliance2go suggests, without proper adherence to the ever-changing compliance rules and regulations of the government, any company needs to halt. The undying need for operational transparency means that professionals must be educated well in advance so that they can act and make their company compliant. This is only possible with assistance from experts, regulators, compliance professionals, and other such stalwarts of the industry. Nevertheless, assistance can be expensive and time-consuming. This is done by hosting cost-effective and informative webinars and web alerts, and by holding discussion forums where you can discuss the nature, existence and relevance of various laws. This will also help you network with various professionals and give a new dimension to your business. We strive to impart effective training that gives you the best and fulfils your requirements for various compliance issues. Every compliance training is structured, presented and deployed so that you can understand what it means to you and your company.