Gregory J. Ehardt, JD, LL.M. | HIPAA/Assistant Compliance Officer | HCA Adjunct Professor | Office of General Counsel | Idaho State University has joined the Clearwater HIPAA Compliance BootCamp™ Faculty. Mr. Ehardt will be sharing his experiences and lessons learned from the recent OCR Investigation that resulted in a Settlement Agreement with HHS/OCR that included a Corrective Action Plan and $400K payment. Here’s today’s big tip – Go to School On Idaho State University (ISU).
HIPAA Audit Tips – Learn from ISU’s Greg Ehardt
Last week the Settlement Agreement reached by ISU and HHS/OCR was announced. ISU has agreed to pay $400,000 to the U.S. Department of Health Human Services (HHS) to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. The settlement involves the potential impermissable disclosure of unsecured electronic protected health information (ePHI) of approximately 17,500 patients at ISU’s Pocatello Family Medicine Clinic.
Blogosphere is Lit Up! Clearwater is Bringing the Real Deal
Yes, every pundit – many newly self-declared HIPAA experts – has a comment to make. Clearwater Compliance has been assisting ISU throughout the investigation. Mr. Gregory J. Ehardt, JD, LL.M. | HIPAA/Assistant Compliance Officer | HCA Adjunct Professor | Office of General Counsel has agreed to join the Clearwater HIPAA Compliance BootCamp™ Faculty for the remainder of 2013 and share his experiences managing this OCR Investigation process on behalf of ISU. Mr. Ehardt will make presentations at each of the Clearwater Compliance Clearwater HIPAA Compliance BootCamp™ sessions beginning May 29th.
Attend Mr. Ehardt’s Presentation at an Upcoming Clearwater HIPAA Compliance BootCamp™
- May 29 Virtual HIPAA Compliance BootCamp™
- August 7 Virtual HIPAA Compliance BootCamp™
- November 6 Virtual HIPAA Compliance BootCamp™
- Live HIPAA Compliance BootCamp™
Proven HIPAA Audit Tips – Other Actions You Should Take Now to Prepare for OCR HIPAA Investigations or Audits
We recommend that organizations who have not already done so complete some fundamental preparation activities which include, but are not limited to:
- Establish a formal Privacy and Security Risk Management & Governance Program. (45 CFR § 164.308(a)(1))
- Complete a HIPAA Security Evaluation. (45 CFR § 164.308(a)(8))
- Complete a Privacy Rule compliance assessment. (45 CFR §164.530)
- Complete a Breach Rule compliance assessment. (45 CFR §164.400)
- Complete a HIPAA Security Risk Analysis (45 CFR §164.308(a)(1)(ii)(A))
- Develop comprehensive HIPAA Privacy and Security and Breach Notification Policies & Procedures. (45 CFR §164.530, 45 CFR §164.316 and 45 CFR §164.414 )
- Document and act upon a corrective action plan.
Join the 350+ companies (both covered entities and business associates) that work with Clearwater Compliance. We can help your organization jump-start your HIPAA Compliance program.
Wanna be even more ready for an audit or hip on HIPAA? Learn more…
The complete HIPAA Privacy, Security and Breach regulations are here.
If you’d like keep up to date on Audit Preparation, Risk Analysis or HIPAA-HITECH in general, please consider (all optional!):
- Joining our AboutHIPAA LinkedIn Group: http://AboutHIPAALI.org
- Following me: https://twitter.com/ClearwaterHIPAA
- Subscribing to our eNewsletter
- Attending a HIPAA HITECH live webinar: http://clearwatercompliance.com/live-educational-webinars/
- Attending a HIPAA HITECH Blue Ribbon Panel Live Web Event: http://clearwatercompliance.com/hipaa-hitech-blue-ribbon-panel/
- Viewing a pre-recorded webinar: http://clearwatercompliance.com/on-demand-webinars/
Latest posts by Bob Chaput (see all)
- Making the case for comprehensive cyber-risk strategies: 10 startling facts that will spur C-suite action - August 8, 2016
- Building Capability and Capacity to Take on Healthcare’s Evolving Security Threats - August 5, 2016
- HIPAA Risk Analysis Tip – The Biggest Risk Management Surprises in the 2016 OCR Audit Protocol - April 11, 2016