OCR HIPAA Investigations Happen - How to Be Ready and Respond
|OnDemand Webinar||$149||Add to Cart|
Always be prepared for an OCR audit at any time by studying audit protocol.Learn how to prepare for an OCR audit. In this course, we will provide you with actionable items you can implement today to take a proactive stance against security incidents, breaches, and audits. We look forward to helping you on your way to becoming (and staying) HIPAA compliant.
AuthorsJason Karn, Total HIPAA Compliance, LLC
Who or What Can Trigger a HIPAA Audit?
• The Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS)
• State Attorneys General
• A Complaint Filed by Affected Clients or Employees
What Is an Audit?
• An Investigation Performed Randomly by OCR to Ensure Organizations Are HIPAA Compliant
• An Investigation Performed by OCR After a Breach
What Will Auditors Be Looking for?
• Auditors Will Want to See:
- A Risk Assessment Performed in the Last Year
- Your Policies and Procedures, Including Those Regarding Breach Notification Procedure
How Can You Prepare for an Audit?
• Adopt the Mindset of - It's Not If It'll Happen but When
• Follow Our Five-Step Checklist:
- Appoint a Privacy and Security Officer
- Conduct a Risk Assessment
- Train Your Employees
- Implement a HIPAA Compliance Plan
- Review and Update Your Compliance Plan Annually
• Most Breaches Occur as a Result of Human Error
• Your Employees Are Your First Line of Defense and Should Be Trained Annually
• Reviewing Your HIPAA Compliance Plan Annually Will Ensure You Have the Proper Procedures in Place in the Event of a Security Incident
How to Prevent Mistakes, Complaints, and Discrimination Investigations
• Respond Quickly and According to Your Policies and Procedures
• Do Not Retaliate in Any Way Against Employee or Client Complaints
How to Stay Compliant During an Audit
• Have All Documentation Ready
• Ensure That None of It Is Incomplete and All in Its Final Form
• Cooperate With Anything the Auditor Requests