Register Online - Add to Cart


Sponsored by Lorman Education
Product ID: 409472EAU
Credit & Course Provided by:

OCR HIPAA Investigations Happen - How to Be Ready and Respond

OnDemand Webinar (60 minutes)

Always be prepared for an OCR audit at any time by studying audit protocol.Learn how to prepare for an OCR audit. In this course, we will provide you with actionable items you can implement today to take a proactive stance against security incidents, breaches, and audits. We look forward to helping you on your way to becoming (and staying) HIPAA compliant.


Jason Karn, Total HIPAA Compliance, LLC


Who or What Can Trigger a HIPAA Audit?

• The Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS)

• State Attorneys General

• A Complaint Filed by Affected Clients or Employees

What Is an Audit?

• An Investigation Performed Randomly by OCR to Ensure Organizations Are HIPAA Compliant

• An Investigation Performed by OCR After a Breach

What Will Auditors Be Looking for?

• Auditors Will Want to See:

- A Risk Assessment Performed in the Last Year

- Your Policies and Procedures, Including Those Regarding Breach Notification Procedure

How Can You Prepare for an Audit?

• Adopt the Mindset of - It's Not If It'll Happen but When

• Follow Our Five-Step Checklist:

- Appoint a Privacy and Security Officer

- Conduct a Risk Assessment

- Train Your Employees

- Implement a HIPAA Compliance Plan

- Review and Update Your Compliance Plan Annually


• Most Breaches Occur as a Result of Human Error

• Your Employees Are Your First Line of Defense and Should Be Trained Annually

• Reviewing Your HIPAA Compliance Plan Annually Will Ensure You Have the Proper Procedures in Place in the Event of a Security Incident

How to Prevent Mistakes, Complaints, and Discrimination Investigations

• Respond Quickly and According to Your Policies and Procedures

• Do Not Retaliate in Any Way Against Employee or Client Complaints

How to Stay Compliant During an Audit

• Have All Documentation Ready

• Ensure That None of It Is Incomplete and All in Its Final Form

• Cooperate With Anything the Auditor Requests