Overview:

This course addresses the newly released OCR (Office for Civil Rights) Phase 2 Audit Program. The rules and protocols have been released and the audit process has started. All covered entities (CE) and business associates (BA), literally anyone that accesses, uses or discloses PHI (Protected Health Information) needs to be aware of this new audit program. Potentially OCR can review up to 180 different areas of the HIPAA privacy, security and breach rules. This presentation reviews the detailed processes OCR will use for the audits along with examples of the protocols and how to be prepared for an OCR audit.

It's important to be prepared because even if not selected for an OCR audit, any privacy or security complaint could trigger the same types of questions and requests for documentation during the investigation.

Why should you Attend:

• How the Phase 2 audit program builds upon the 2012 Pilot audit program
• etails about the sites to be selected for an audit
• Initial indicators that an audit may be eminent
• Timeframes for sites being audited
• Examples of privacy, security and breach audit protocols
• Continued analysis of the protocols to bring the audience the latest information about the questions and required documents OCR are using in the audits
• How to prepare a compliance program for an OCR audit or investigation by lowering overall privacy and security risk

• History of the OCR audit programs
• The processes and rules surrounding the 2016 OCR audit program
• Examples of privacy, security and breach audit protocols
• Steps to take in preparation for an OCR audit
  

• Privacy Officers
• Security Officers
• Compliance Officers
• HIM Managers
• Practice Managers
• CIO
• General Counsel
• Physicians