HIPAA Security Audits
AUDIOCONFERENCE ON CD OR AUDIO ON-DEMAND
Sponsored by Briefings on HIPAA
presented on November 5, 2008
The government is looking closely at HIPAA violations and covered entities are starting to pay the price for violating the security rule. Providence Health & Services in Seattle is making a $100,000 resolution payment to the government and must spend countless more time and money implementing a corrective action plan to ensure their security program meets the letter of the law.
Is there a security audit in your future? Will your organization be able to stand up to the increased scrutiny and enforcement from CMS and the OIG?
During this 90-minute audio conference, our speakers—experts in the healthcare information security industry—will tell you what you need to do to be "audit-ready" not to mention avoid potential violations, security breaches, and the penalties that result. It means your public image remains spotless, which is crucial in an era when patients shop around for the best healthcare.
We also look at what kinds of problems recent audits have uncovered and what you can do to avoid them, the government's audit procedures and what you should do if you are audited, as well as how to stay audit-ready in an atmosphere where technology changes and security threats are ever present. We also discuss the future of HIPAA security enforcement and CMS and OIG audit plans.
Note: This is an intermediate level program and important for healthcare providers and other HIPAA covered entities, especially large hospitals, academic medical centers, and integrated healthcare delivery systems. Purchasers should have an understanding of HIPAA, the security rule, and information security practices.
TAKE A LOOK AT THE AGENDA
- Health and Human Services, OIG and CMS/PricewaterhouseCoopers (PwC) security audits
- Corrective action plan
- Fines, penalties, sanctions
- Predictions for future audit trends
- How to become—and stay—compliant with the regulations based on audit results
- How to prepare for an audit in case you are selected
- How to avoid incidents or breaches that could trigger an audit, financial penalties, and/or loss of reputation
A question and answer session follows the presentation
LEARNING OBJECTIVESAt the conclusion of this audio conference, you will be able to:
- Identify the main focus of the OIG and the CMS/PwC audits to-date
- State several findings and outcomes of the HIPAA security audits
- Demonstrate what to do if your organization is audited in the future
- Describe the lessons learned from the HIPAA security audits as well as areas that deserve special concentration for audit readiness
- Describe the HHS audit process, including who may be audited, and how it works
- Implement tips on preparation for an audit and how to manage the audit process
MEET THE SPEAKERS
Kate Borten, CISSP, CISM is president of The Marblehead Group, Inc., in Marblehead, MA, and provides privacy and security assessments, regulatory compliance audits, and program development guidance across the healthcare industry. She has more than 20 years experience in the healthcare industry including IT, information security, and privacy. She is the author of HIPAA Security Made Simple and other publications for HCPro, and four-year chair of HealthSec, the premier annual conference on information security in healthcare
John Parmigiani, MS, BES, is the president of John C. Parmigiani & Associates, LLC, in Ellicott City, MD. He has more than 35 years experience in information systems management in both the public and private sectors. He was the chairman of the government-wide HIPAA Administrative Simplification Security and Electronic Signature Standards Implementation Team that created the Security Rule and was a member of the federal committee that oversaw the development and implementation of the HIPAA Transactions and Code Sets and the Privacy Rule.
BONUS MATERIAL INCLUDED IN YOUR MATERIALS PACKETIn addition to the expertise and advice presented during this audio conference, you'll also receive a slide presentation of the program materials and copies of the following:
- Audit-ready checklist
- Sample CMS compliance review information request list
- Documents requested by OIG review
- List of helpful Web site resources
These materials are provided with PDF links.
WHO SHOULD LISTEN?Information security officers, chief information officers, privacy officers, compliance officers, legal/risk management staff, legal counsel, HIM managers, IT leaders with information security and/or compliance responsibilities. Human resource offices, board of director members, C-suite staff, physicians, and other healthcare organization management staff may also find the content to be helpful.
AUDIO ON-DEMANDIn addition to the regular purchase options for HCPro audio conferences, we are pleased to offer another option, an audio on-demand. Audio on-demand allows you to download the program and play it back at your convenience through your computer or MP3 player. Purchase a CD or audio on-demand of the program and listen when you can. It's also a perfect training tool for new staff or as a refresher for veteran staff.
Product Types :