Overview:

This rapid fire presentation will consist of numerous concerns that OCR has regarding business associates. We will spend time discussing what the law requires of the audits, who is performing the audits, what both the CE and the BA should know, and how to prepare for an audit. Also, we will discuss gap analysis, security risk assessments, identifying PHI in the "food chain", business associate agreements (BAA's), breach notification policies, effective staff training compared to simply providing some training, and employee awareness of their responsibilities regarding the ever changing world of information protection.

Why should you attend: It is believed by OCR that business associates (BA) have more compliance problems than they think and that they are at risk for more breaches than they should be. We will discuss matters of concerns that both covered entities (CE) and business associates should be prepared for.

Areas Covered in the Session:

• OCR-Their role
• Audits: What Are They Really Looking For?
• What The CE Needs to Know and How to Prepare
• What The BA Needs to Know and How to Prepare
• Gap Analysis
• Security Risk Analysis
• What Is PHI and Where Do I Find It?
• BAA's-Purpose, Relevance, and Importance
• Breach Notification Policies
• Staff Training-Is Any Better Than None? No!
• Employee Awareness Suggestions After The Training

• HIPPA Privacy and Security Officers
• Compliance Officer
• Risk Management
• Chief Nursing Officer
• Nurses
• Physicians
• Director of Health Information Management (HIM)
• Medical Records Staff (HIM)
• Chief Financial Officer
• Operational Directors
• Chief Medical Officer