OCR HIPAA Investigations Happen – How to Be Ready and Respond (OnDemand Webinar)

Who or What Can Trigger a HIPAA Audit?
• The Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS)
• State Attorneys General
• A Complaint Filed by Affected Clients or Employees

What Is an Audit?
• An Investigation Performed Randomly by OCR to Ensure Organizations Are HIPAA Compliant
• An Investigation Performed by OCR After a Breach

What Will Auditors Be Looking for?
• Auditors Will Want to See:
• A Risk Assessment Performed in the Last Year
• Your Policies and Procedures, Including Those Regarding Breach Notification Procedure

How Can You Prepare for an Audit?
• Adopt the Mindset of – It’s Not If It’ll Happen but When
• Follow Our Five-Step Checklist:
• Appoint a Privacy and Security Officer
• Conduct a Risk Assessment
• Train Your Employees
• Implement a HIPAA Compliance Plan
• Review and Update Your Compliance Plan Annually

Remember:
• Most Breaches Occur as a Result of Human Error
• Your Employees Are Your First Line of Defense and Should Be Trained Annually
• Reviewing Your HIPAA Compliance Plan Annually Will Ensure You Have the Proper Procedures in Place in the Event of a Security Incident

How to Prevent Mistakes, Complaints, and Discrimination Investigations
• Respond Quickly and According to Your Policies and Procedures
• Do Not Retaliate in Any Way Against Employee or Client Complaints

How to Stay Compliant During an Audit
• Have All Documentation Ready
• Ensure That None of It Is Incomplete and All in Its Final Form
• Cooperate With Anything the Auditor Requests

AHIMA ,CLE (Please check the Detailed Credit Information page for states that have already been approved) ,Additional credit may be available upon request. Contact Lorman at 866-352-9540 for further information.

Jason Karn-Total HIPAA Compliance, LLC