Register Now

Reserve your seat

Join us for this complimentary educational webinar and be prepared for an OCR Investigation or OCR Audit!
Register Now

In 2015, the Office of Inspector General (OIG) published a report on OCR’s oversight of HIPAA covered entities, and the results were underwhelming. In September 2015, the Office of the Inspector General (OIG) issued two reports calling for OCR to strengthen its enforcement of the HIPAA regulations and a key step in doing so included the implementation of a permanent audit program.  The Phase 2 HIPAA Compliance Audits are now underway, and continue to be a source of concern to Covered Entities and Business Associates.

Join us for a review of the investigation process and Phase 2 Audit Protocols and to learn the most efficient and effective ways to prepare.

Audits will continue to occur for a few hundred Covered Entities and Business Associates each year; however, OCR receives thousands of complaints and Breach Reports every year that are subject to review and potential investigation.  The likelihood of an organization undergoing an investigation is far higher than the potential for an audit, and organizations should be prepared for both at any time.

In OCR’s words: “The audits present an opportunity to examine mechanisms for compliance, identify best practices, discover risks and vulnerabilities that may not have come to light through OCR’s ongoing complaint investigations and compliance reviews, and enable us to get out in front of problems before they result in breaches.”

The OIG also stated that OCR continues to strengthen and adjust the way it conducts its complaint and breach investigations. Regardless of how OCR can ‘come through your door,’ it is recommended that you prepare for both an OCR audit and OCR investigation.

Is your organization ready?

Agenda

This session is offered as a 75-minute Live Web Event using the GoToWebinar platform. The open format encourages questions during and after the session.  Attendees will receive the presentation materials the day after the event.

No matter where your organization is in its HIPAA compliance journey, you will benefit from learning:

  • The requirements of the HIPAA Privacy and Breach Notification Rules
  • The causes of data breaches and complaint-driven investigations and what you can do to reduce the risk
  • What the OCR audits are requiring from organizations according to their protocols
  • The findings of compliance weaknesses from the initial OCR mandated audits
  • How to evaluate the level of your organization’s compliance with the regulations
  • Practical, actionable steps to take today to mitigate risk and help assure compliance

Date & Time

Thursday, July 27, 2017

3:30pm -4:45pm CT

Your Presenter

Wes Morris, CHPS, CIPM, HCISPP
Wes Morris, CHPS, CIPM, HCISPPHIPAA Consultant, Clearwater Compliance LLC

The Challenge

Most organizations think they are HIPAA compliant and yet many of those don’t understand their compliance gaps until they are audited or investigated. There are some key requirements that many organizations miss when it comes to HIPAA compliance, and those documents are typically OCR’s most requested documentation if they do come calling.

Thus far, the focus of the Phase 2 audits is on an organization’s risk management program, risk assessment, patient access to medical records, Notice of Privacy Practices, and breach notification procedures.

Learn from Wes Morris, a Clearwater Prinicpal Consultant, on how to establish due diligence and ‘get your ducks in a row’ in the event you receive an OCR audit or investigation letter. Wes has extensive experience with conducting mock audits utilizing the OCR Audit Protocols and participating/responding to OCR investigations.

The Solution

Learn from one of Clearwater Compliance’s Principal Consultants on how to understand and prepare for the Phase 2 OCR Audits or an investigation.  In this webinar, you will learn:

  • Why it’s important to be prepared if a complaint or incident results in an investigation or OCR selects your organization for an audit.
  • Information required if you receive a pre-screening audit questionnaire
  • An example of an investigation letter and the types of documentation demanded
  • What’s new and what’s changed in the new Security Rule audit protocol
  • How to best prepare for an OCR audit – (you will only have 10 days if selected)
  • How to respond to an investigation letter
  • Tips and best practices

Learning Outcomes

No matter where you are in your HIPAA compliance journey, you will benefit from learning about:

  • What the OCR requires when conducting an investigation
  • What the current audits are requiring from organizations according to the OCR protocols
  • How to evaluate the level of your organization’s compliance with the regulations
  • Practical, actionable steps to take today to mitigate risk and help assure compliance
  • The findings of compliance weaknesses from the initial OCR mandated audits
Register Now

Reserve your seat

Join us for this complimentary educational webinar and be prepared for an OCR Investigation or Audit!
Register Now