Overview:

Participants will understand the importance of responding to the OCR pre-audit requests and how to respond. Our discussion will cover how to prepare for an anticipated OCR HIPAA privacy audit, by discussing how to conduct an internal self-assessment of your privacy program. We will discuss how to conduct the self-assessment, whether it be the need for policies, procedures or obtaining all of your business associates information.

Why should you Attend: If you have received a request from the OCR to provide the name of your entities privacy official and additional criteria, you are already aware that you are on the OCR’s radar and may be the focus of an audit. If you haven’t received a request yet, anticipate receiving one soon. In addition to ensuring that your HIPAA program is audit ready, you also need to ensure that you know all of your business associates and have their information readily available to provide to the OCR. Your entity needs to be ready now, as the OCR will either conduct focused desk audits, on-site audits or both in effort to review documentation of evidence of your compliance with the HIPAA regulation.

Areas Covered in the Session:

• Office of Civil Rights "OCR" requests for privacy official and additional information and timeline for response
• Internal assessment criteria of privacy program in anticipation of an OCR audit
• Conducting the assessment using the template based upon HIPAA regulations
• Discuss methods to address any found deficiencies
• Workforce training
  
  

• Healthcare providers
• Compliance and Internal Audit professionals or office staff responsible for ensuring patient privacy
• Healthcare Administrators
• Business Associates and all HIPAA Covered Entities