What Covered Entities Need to Know about OCR HIPAA Audit​s

September 19th, 2017 3:00PM EDT

OCR announced Phase 2 of its HIPAA audit program in 2016, which would focus on desk audits to review how healthcare organizations – and business associates – adhere to the HIPAA Privacy, Security, and Breach Notification Rules. Healthcare organizations ​must have the right policies and procedures ​in ​place, but ​they ​should also be aware of the documented OCR compliance program.

Phase 1 ​audits had as their focus entities checking boxes off to ensure they had read the rules, addressed each required provision, and then included that in their policies and procedures. However, the ​latest round ​put the focus on compliance and action. But what exactly is OCR looking for? Even if they weren’t selected this time, how should covered entities and business associates prepare for a potential OCR HIPAA audit? What can healthcare organizations expect for the final OCR audit phase?

In this webcast, listeners will learn the basics of an OCR HIPAA audit and garner a better understanding of OCR’s 2017 to 2018 goals and objectives with regard to compliance review and potential enforcement.

Additionally, attendees can learn more about the following:
  • Best practices to uncover potential risk and vulnerabilities in the organization
  • Detect areas where technology can assist with compliance
  • How to approach vendor risk management, and the importance of business associate agreements
  • Why ongoing risk assessments are critical to basic HIPAA compliance

Register Here: 
Speaker: 
Iliana L. Peters, J.D., LL.M.
Senior Advisor for HIPAA Compliance and Enforcement
HHS Office for Civil Rights

In this role, Ms. Peters is the national lead for OCR enforcement of the HIPAA Rules, and works closely with OCR’s ten regional offices to promote compliance with the HIPAA Rules. Additionally, she supports many other OCR policy and outreach initiatives, including rulemakings, compliance initiatives with other federal agencies, and training, including of the State Attorneys General.

 
We respect your privacy. By submitting your registration information to HealthITSecurity.com you agree to receive email communications from Xtelligent Media. Please read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. You can view our Terms of Service or you may contact us at: contactus@xtelligentmedia.com
Sponsored by: Iatric Systems

Iatric Systems Security Audit Manager™, the KLAS category leader in patient privacy monitoring three years in a row, has helped hundreds of healthcare organizations reduce the risk of privacy breaches and comply with HIPAA/HITECH and Meaningful Use regulations. Security Audit Manager proactively monitors millions of transactions daily and alerts compliance staff to instances of inappropriate access to patient data. The system consolidates patient access data from all of your organization's diverse software applications, and reduces audit volumes to review by 95%.