Be Prepared for a HIPAA Security Audit
October 9, 2014 - online event CA USMentorHealth
webinars@mentorhealth.com
Phone:8003851607
Fax:302-288-6884
Overview: Office of Civil Rights will conduct security audits on covered entities and business associates. Covered entities and business associates should proactively develop a work plan to review their operations in light of the specifications identified in the protocol. The detailed audit guidance can serve as a roadmap for compliance. Covered entities and business associates may assess current practices for each established performance criterion using OCR's audit procedures in order to understand their current state of compliance. Such efforts may help reduce the risks of adverse findings in an actual audit, and reduce the likelihood of a breach or some other form of HIPAA violation. Conducting a risk analysis is the first step in identifying and implementing safeguards that comply with and carry out the standards and implementation specifications in the HIPAA Security rule. Risk analysis should be an ongoing process, in which a covered entity regularly reviews its records to track access to e-PHI and detect security incidents, periodically evaluates the effectiveness of security measures put in place, and regularly reevaluates potential risks to e-PHI. The HIPAA Breach Notification Rule, 45 CFR 164.400-414, requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information. The webinar will discuss what the OCR will review and key elements of the HIPAA Privacy and Security and Breach Notification Rules and what processes and safeguards must be in place to ensure appropriate protection of electronic protected health information. Areas Covered in the Session: Overview of Office of Civil Rights (OCR) audit initiatives Discuss HIPAA Privacy and Security and Breach Notification Rules How to implement appropriate security measures to address the risks identified in the risk analysis How to maintain continuous, reasonable, and appropriate security protections Who Will Benefit: Health Care providers Hospital Nursing Home Rehab Home Health Physicians Dr. Freville is an independent consultant who advises healthcare clients regarding many regulatory issues including but not limited to compliance and HIPAA/HITECH program effectiveness. She establishes compliance department operations to include planning, designing, and implementing system-wide Corporate Compliance and HIPAA/HITECH Programs. She writes Codes of Ethical Conduct and compliance policies and procedures for providers.