HOW TO MANAGE OCR/HHS HIPAA/HITECH AUDIT

Srini Kolathur is Keynote Speaker at HIPAA Ijona. He has several years of experience in helping companies effectively meet and exceed regulatory compliance requirements including SOX, PCI, HIPAA, etc. by using best practices. For the last several years, he has been actively involved in Sarbox controls implementation, PCI-DSS, GRC and internal audit functions in the critical general IT control areas. As internal compliance and audit liaison project manager for Cisco infrastructure group, Srini has managed compliance and automation projects, including developing tracking systems for monitoring p........

Overview

Among other things, the HITECH Act significantly strengthened HIPAA enforcement activities. In addition to increasing penalties, allowing enforcement by state attorneys general, requiring notices of breaches, and making business associates directly subject to penalties, the HITECH Act mandated that Office for Civil Rights of HHS conduct HIPAA audits. This one-hour webinar will focus on preparation required by healthcare organizations to successfully manage an OCR/HHS audit by regulators.

Why should you attend this webinar?

Section 13411 of the Health Information Technology for Economic and Clinical Health (HITECH) Act, requires Health and Human Services (HHS) to conduct periodic audits of providers and business associates to ensure their compliance with the HIPAA Security and Privacy Rule, and breach notification standards. To implement this mandate, the Office of Civil Rights (OCR) has conducted HIPAA/HITECH audit program with KPMG of 115 health care organizations to assess privacy and security compliance. This webinar will focus on the implementation and tracking of HIPAA audit best practices in a healthcare setup in order to prepare for the federal audit using published OCR audit protocols.

Every audit begins with interviews, a questionnaire, and a thorough policy and procedures review. Presenter, with his decades of knowledge in the compliance, legal, auditing and security areas, will walk the attendees through the audit process, documentation requirements, and implementation specifications of the HIPAA privacy, security and breach rules. This presentation not only provides opportunity for the participants to prepare for the federal HIPAA audit but also to improve the security posture of their organizations by adopting to changing technology (mobile, social media, Health Information Exchange(HIE), cloud services, etc.) and threat landscape perspective as well. This presentation will uncover reasons why many health information breaches are occurring and help organizations better secure and comply with electronic protected health information by meeting the required and addressable HIPAA/HITECH security rules.

The presenter will also share the best practices used for HIPAA security implementation and continuous risk assessment which is considered as "due diligence" by auditors for the HIPAA security compliance program.

Areas Covered in the Session: