Speaker: Paul R. Hales - Attorney, Attorney at
Law LLC
Date: December 7th Wednesday
Time: 01:00 PM EST | 10:00 AM PST
Duration: 60 Minutes
Product Code: 300176
Level: Beginner
Key Take Away
Learn how vital it is for
Covered Entities of all sizes to be prepared for a HIPAA Privacy, Security and
Breach Notification Rule Compliance.
Overview
Every Covered Entity and
Business Associate is liable to be audited for HIPAA Compliance by U. S.
Department of Health and Human Services (HHS). HIPAA Compliance Audits are now
underway. HHS finalized HIPAA Compliance Audit procedures is screening Covered
Entities picked randomly from the National Provider Identifier (NPI) database
to identify the first group of Covered Entities to be audited. The first group
of Business Associates audited for HIPAA Compliance will be selected from
Business Associates of the first group of Covered Entities. This is an
enforcement audit.
Why Should You Attend
·
Every Covered Entity and Business Associate is liable - without
prior notice - to be audited for HIPAA Compliance training by HHS
·
You will have only 2 weeks after receiving your HIPAA Compliance
Audit notification and data request to upload all requested documents to an HHS
HIPAA Compliance Audit Portal
·
The HIPAA Compliance Audit data request you receive will specify
content and file organization, file names and any other document submission
requirements
·
Auditors will not contact an audited entity for clarifications
or ask for additional information - it is essential that submitted documents
are current, accurately reflect the entity's HIPAA Compliance program and
demonstrate HIPAA Compliance
·
Only data submitted on time will be assessed
·
Failure to respond on time may be referred to the HHS training
office subjecting the entity to a thorough HIPAA Compliance review
·
Some of the first group of audited entities will be selected for
comprehensive on-site HIPAA Compliance Audits, instead of the more limited
review of uploaded documents (called a "desk audit" by HHS)
·
HHS conducted pilot audits of Covered Entities to help design
the current official HIPAA Compliance Audit Program. Results of the pilot audit
published by HHS revealed:
·
Widespread non-compliance by Covered Entities of all sizes
- and HHS made special mention that Small Entities "struggle"
with HIPAA Privacy, Security and Breach Notification Rule Compliance
·
HHS says more than 90% of Health Care Providers are Small
Entities, according to Federal guidelines
·
The most common cause of failure was the audited entity was
unaware of the HIPAA Compliance requirement
·
80% of Health Care Providers failed to have an accurate or
complete Risk Analysis - mandatory for all Covered Entities since 2005 and all
Business Associates
·
HIPAA Compliance Audits are just one example of increased HIPAA
Compliance enforcement. Massive data breaches, theft of Protected Health
Information (PHI) and public and political pressure demand close scrutiny of
the HIPAA Compliance program of every Covered Entity and Business Associate,
regardless of size. From September 2009 through May 31, 2015 HHS received more
than 173,000 reports of breaches of PHI affecting less than 500 individuals and
approximately 1,240 reports of breaches affecting 500 or more individuals.
Areas Covered In This Webinar
This webinar will concentrate on
topics that HHS has announced will be the focus of the first round of
"desk audits". They reflect significant areas of non-compliance
revealed in the 2012 pilot audits and HHS HIPAA violation investigations
concluded by Resolution Agreements and Corrective Action Plans. They include:
·
HIPAA Risk Analysis
·
Risk Management based on Risk Analysis
·
Breach Notification
·
Notice of Privacy Practices (for Covered Entities)
·
Minimum Necessary Standard
·
Access of Individuals to their PHI
·
Authorizations
·
Workforce Training
This webinar is vital because,
in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and
Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA
Compliance documentation ready to submit on two weeks’ notice to HHS you are
implementing an effective HIPAA Compliance workforce training program.
In addition, every Covered
Entity or Business Associate may face an HHS HIPAA Compliance investigation at
any time due to a complaint or a Breach. If you are "audit ready" you
will be ready for an investigation - and better able to avoid complaints and
prevent health and human services breaches.
Learning Objectives
·
What to Expect - HHS HIPAA Compliance Audit Topics and
Procedures
Who Will Benefit
·
Top Management
·
Health Care Provider Practice Managers
·
Risk Managers
·
Compliance Managers
·
Information Systems Managers
·
Legal Counsel
Speakers Profile
Paul R. Hales, J.D. is an attorney at
law in St. Louis, Missouri whose practice has included specialization in the
HIPAA Privacy and Security Rules from the dates they became effective. He
provides assistance and counseling on the new, more demanding compliance
requirements of the HITECH modifications to HIPAA. Mr. Hales is licensed to
practice before the Supreme Court of the United States, Federal Appellate and
District Courts, the State Courts of Missouri and is a graduate of Columbia
University Law School.
Source Link: https://www.atozcompliance.com/trainings-webinar/healthcare/hipaa-hitech/get-ready-for-your-hipaa-compliance-audit/paul-r-hales/300176
No comments:
Post a Comment