SlideShare una empresa de Scribd logo

Surviving a HIPAA Audit: Five Crucial Steps

Compliancy Group
Compliancy Group

Spurred to action by HITECH, the U.S. Department of Health and Human Services has started to enforce HIPAA regulations through a series of random audits. In 2014 the audits are expected to extend to Business Associates. In this session, attorney Richard Wagner will cover the five crucial steps that Covered Entities and Business Associates alike will need to take now to survive an unexpected audit.

Salud y medicina
1 de 22
Descargar para leer sin conexión
855.85HIPAA   www.compliancygroup.com   Industry leading Education Certified Partner Program •  Please ask questions •  For todays Slides http://compliancy-group.com/slides023/ •  Todays & Past webinars go to: http://compliancy-group.com/webinar/ Get Involved. #cgwebinar
Surviving  a  HIPAA  Audit:   Five  Crucial  Steps RICHARD  WAGNER  
Quick  Poll  #1
Quick  Takeaway   The  HIPAA  Audit  program  sounds  scary     Challenge  –  think  of  this  as  an  opportunity   ◦  IT/Security/Compliance:  voice  can  be  heard   ◦  Providers:  beHer  serve  your  paIents  in  an  increasingly  unsecure  environment     Overall  theme:  tackle  the  priority  items,  then  move  onto  the  other  issues  
Agenda HIPAA  Audit  Program  Overview   Pilot  Program  Results  and  Discussion   Five  Steps  to  Surviving  an  Audit   QuesIons  
The  HIPAA  Audit  Program   Enacted  into  law  in  2009  (ARRA/HITECH)     Designed  to  combat  ex  post  enforcement     HHS’  Office  of  Civil  Rights  (OCR)  oversees  program,  but  most  work  contracted  out  to  consultants     Two  pilot  programs  (2012  and  2013)     Permanent  rollout  in  2014  
Pilot:  2012-­‐2013   Caveat:  designed/implemented  before  Omnibus  Rule   ◦  Covered  EnIIes  only,  no  Business  Associates   ◦  Used  old  breach  analysis,  etc.     OCR  findings   ◦  Many  issues,  even  intenIonal  misrepresentaIons   ◦  Small  providers  had  the  most  difficulty   ◦  Security  flaws  dominated  findings  
Pilot  Findings
Privacy  Rule  Findings
Security  Rule  Problems
Points  of  Emphasis:  Privacy  Rule   Policies  and  procedures     Minimum  Use  
Points  of  Emphasis:  Security  Rule   Risk  assessment,  risk  assessment,  and  risk  assessment     Mobile  device  security   ◦  Data  in  moIon   ◦  Data  at  rest     Security  incident  procedures   ◦  Ever  more  important  a`er  HIPAA  Omnibus  RegulaIons  went  into  effect  
HIPAA  Audit  Survival THE  FIVE  STEPS
Step  #1  –  OrganizaOon   IniIal  document  request  period:  10  days  from  the  postmarked  audit  leHer     Done  by  design:  tesIng  your  response  Ime     Following  this  step  also  allows  you  to  assess  your  documentaIon  gaps     Update  old  documents     Establishing  an  audit  trail  
Quick  Poll  #2
Step  #2  –  Security  Risk  Assessment   The  most  important  document  you  need  for  HIPAA  compliance   ◦  Stressed  by  OCR  and  the  HIPAA  Audit  process   ◦  Also  has  great  pracIcal  value  –  a  risk  assessment  is  foundaIonal  to  proper  risk  management     Does  not  have  to  be  daunIng  –  scalable  according  to  size     What  you  need  to  assess   ◦  PotenIal  risks  and  vulnerabiliIes  to  the  confidenIality,  integrity,  and  availability  of  ePHI     Other  Ips  
Step  #3  –  Plugging  the  PHI  Holes   Risk  management  –  comes  on  the  heels  of  your  risk  assessment     Document  everything   ◦  Remember,  the  goal  is  to  establish  an  audit  trail     PrioriIze  risk  miIgaIon  acIons  
Step  #4  –  Business  Associate  Agreements   Update  your  BAA  to  reflect  Omnibus  changes   ◦  The  changes  aren’t  drasIc,  but  they  need  to  be  in  there     Make  sure  all  vendors  are  under  an  agreement   ◦  BAA  terms  and  complexity  needed  can  vary  from  provider  to  provider   ◦  Consult  your  aHorney  if  necessary     Get  subcontractor  assurances     Related  –  vendor  management  procedures  
Step  #5  –  Training   Point  of  emphasis  in  the  audits,  so  documentaIon  is  criIcal     Don’t  limit  yourself  to  HIPAA  training   ◦  Security  awareness  should  be  included  as  well     Use  the  training  as  an  opportunity  to  gain  informaIon  
Conclusions   Audits  signal  a  major  change  in  enforcement     As  worrisome  as  this  might  sound,  this  can  be  viewed  as  an  opportunity     Risk  assessment:  the  foundaIon     The  more  documentaIon,  the  beHer  
QuesOons   Richard  Wagner     richard@qliqso`.com  
Free  Demo  and  60  Day  Evaluation   www.compliancy-­‐group.com     855.85  HIPAA  (855.854.4722)   The Guard: One Simple, cost effective Compliance Tracking Solution that satisfies HIPAA, HITECH Risk Assessment, and Omnibus Compliance •  Reduces Risk & Liability •  Differentiates you from the competition •  Retain Clients/Patients •  Improve Revenue

Recomendados

Structured NERC CIP Process Improvement Using Six Sigma
Structured NERC CIP Process Improvement Using Six SigmaStructured NERC CIP Process Improvement Using Six Sigma
Structured NERC CIP Process Improvement Using Six SigmaEnergySec
 
Using IP Cameras and Advanced Analytics to help Protect Critical Infrastructure
Using IP Cameras and Advanced Analytics to help Protect Critical InfrastructureUsing IP Cameras and Advanced Analytics to help Protect Critical Infrastructure
Using IP Cameras and Advanced Analytics to help Protect Critical InfrastructureEnergySec
 
Msp saner 2.0
Msp saner 2.0Msp saner 2.0
Msp saner 2.0SecPod Technologies
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherEnergySec
 
Five biggest secrets to an it audit webinar slides
Five biggest secrets to an it audit webinar slidesFive biggest secrets to an it audit webinar slides
Five biggest secrets to an it audit webinar slidesMichelle
 
Adaptive & Unified Approach to Risk Management & Compliance-via-ccf
Adaptive & Unified Approach to Risk Management & Compliance-via-ccfAdaptive & Unified Approach to Risk Management & Compliance-via-ccf
Adaptive & Unified Approach to Risk Management & Compliance-via-ccfawish11
 
Continous Audit and Controls with Brainwave GRC
Continous Audit and Controls with Brainwave GRCContinous Audit and Controls with Brainwave GRC
Continous Audit and Controls with Brainwave GRCGraeme Hein
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriAtif Ghauri
 

Recomendados

Structured NERC CIP Process Improvement Using Six Sigma
Structured NERC CIP Process Improvement Using Six SigmaStructured NERC CIP Process Improvement Using Six Sigma
Structured NERC CIP Process Improvement Using Six SigmaEnergySec
 
Using IP Cameras and Advanced Analytics to help Protect Critical Infrastructure
Using IP Cameras and Advanced Analytics to help Protect Critical InfrastructureUsing IP Cameras and Advanced Analytics to help Protect Critical Infrastructure
Using IP Cameras and Advanced Analytics to help Protect Critical InfrastructureEnergySec
 
Msp saner 2.0
Msp saner 2.0Msp saner 2.0
Msp saner 2.0SecPod Technologies
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherEnergySec
 
Five biggest secrets to an it audit webinar slides
Five biggest secrets to an it audit webinar slidesFive biggest secrets to an it audit webinar slides
Five biggest secrets to an it audit webinar slidesMichelle
 
Adaptive & Unified Approach to Risk Management & Compliance-via-ccf
Adaptive & Unified Approach to Risk Management & Compliance-via-ccfAdaptive & Unified Approach to Risk Management & Compliance-via-ccf
Adaptive & Unified Approach to Risk Management & Compliance-via-ccfawish11
 
Continous Audit and Controls with Brainwave GRC
Continous Audit and Controls with Brainwave GRCContinous Audit and Controls with Brainwave GRC
Continous Audit and Controls with Brainwave GRCGraeme Hein
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriAtif Ghauri
 
20180529 scaf and cosmic presentaiton s rajagopal
20180529 scaf and cosmic presentaiton s rajagopal20180529 scaf and cosmic presentaiton s rajagopal
20180529 scaf and cosmic presentaiton s rajagopalCharles Symons
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...EnergySec
 
Security Essentials
Security EssentialsSecurity Essentials
Security EssentialsAshley Deuble
 
6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS Environments6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS EnvironmentsEnergySec
 
IT Compliance in 2015 - Beyond the “v” model
IT Compliance in 2015 - Beyond the “v” modelIT Compliance in 2015 - Beyond the “v” model
IT Compliance in 2015 - Beyond the “v” modelIGATE Corporation
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingAtif Ghauri
 
HIPAA Safeguard Slides
HIPAA Safeguard SlidesHIPAA Safeguard Slides
HIPAA Safeguard Slidesprojectwinner
 
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital Security
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital SecurityHernan Huwyler - CIO and CISO Norway - Collaboration for DIgital Security
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital SecurityHernan Huwyler, MBA CPA
 
Audit Practice at CipherTechs
Audit Practice at CipherTechsAudit Practice at CipherTechs
Audit Practice at CipherTechsMordecai Kraushar
 
Popular Pitfalls in ISMS Compliance
Popular Pitfalls in ISMS CompliancePopular Pitfalls in ISMS Compliance
Popular Pitfalls in ISMS ComplianceRamkumar Ramachandran
 
Web Application Security Strategy
Web Application Security Strategy Web Application Security Strategy
Web Application Security Strategy Network Intelligence India
 
Secure Software Development Lifecycle
Secure Software Development LifecycleSecure Software Development Lifecycle
Secure Software Development Lifecycle1&1
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMShantanu Rai
 
How to build a change workflow process
How to build a change workflow processHow to build a change workflow process
How to build a change workflow processTufin
 
CIS Security Benchmark
CIS Security BenchmarkCIS Security Benchmark
CIS Security BenchmarkRahul Khengare
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business ContinuityStephen Cobb
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David RossGraeme Wood
 
The Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance SolutionThe Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance SolutionCompliancy Group
 
Managing Traceability in an Agile, Safety-critical Development Environment
Managing Traceability in an Agile, Safety-critical Development EnvironmentManaging Traceability in an Agile, Safety-critical Development Environment
Managing Traceability in an Agile, Safety-critical Development EnvironmentIntland Software GmbH
 
Building HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teamsBuilding HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teamsGaurav Garg
 
Camera Sony CCTV
Camera Sony CCTVCamera Sony CCTV
Camera Sony CCTVCamilo Sutherland
 
Chiclete pode engolir
Chiclete pode engolirChiclete pode engolir
Chiclete pode engolirChris x-MS
 

Más contenido relacionado

La actualidad más candente

20180529 scaf and cosmic presentaiton s rajagopal
20180529 scaf and cosmic presentaiton s rajagopal20180529 scaf and cosmic presentaiton s rajagopal
20180529 scaf and cosmic presentaiton s rajagopalCharles Symons
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...EnergySec
 
6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS Environments6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS EnvironmentsEnergySec
 
IT Compliance in 2015 - Beyond the “v” model
IT Compliance in 2015 - Beyond the “v” modelIT Compliance in 2015 - Beyond the “v” model
IT Compliance in 2015 - Beyond the “v” modelIGATE Corporation
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingAtif Ghauri
 
HIPAA Safeguard Slides
HIPAA Safeguard SlidesHIPAA Safeguard Slides
HIPAA Safeguard Slidesprojectwinner
 
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital Security
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital SecurityHernan Huwyler - CIO and CISO Norway - Collaboration for DIgital Security
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital SecurityHernan Huwyler, MBA CPA
 
Audit Practice at CipherTechs
Audit Practice at CipherTechsAudit Practice at CipherTechs
Audit Practice at CipherTechsMordecai Kraushar
 
Secure Software Development Lifecycle
Secure Software Development LifecycleSecure Software Development Lifecycle
Secure Software Development Lifecycle1&1
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMShantanu Rai
 
How to build a change workflow process
How to build a change workflow processHow to build a change workflow process
How to build a change workflow processTufin
 
CIS Security Benchmark
CIS Security BenchmarkCIS Security Benchmark
CIS Security BenchmarkRahul Khengare
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business ContinuityStephen Cobb
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David RossGraeme Wood
 
The Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance SolutionThe Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance SolutionCompliancy Group
 
Managing Traceability in an Agile, Safety-critical Development Environment
Managing Traceability in an Agile, Safety-critical Development EnvironmentManaging Traceability in an Agile, Safety-critical Development Environment
Managing Traceability in an Agile, Safety-critical Development EnvironmentIntland Software GmbH
 
Building HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teamsBuilding HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teamsGaurav Garg
 

La actualidad más candente (20)

20180529 scaf and cosmic presentaiton s rajagopal
20180529 scaf and cosmic presentaiton s rajagopal20180529 scaf and cosmic presentaiton s rajagopal
20180529 scaf and cosmic presentaiton s rajagopal
 
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...
 
Security Essentials
Security EssentialsSecurity Essentials
Security Essentials
 
6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS Environments6 Tools for Improving IT Operations in ICS Environments
6 Tools for Improving IT Operations in ICS Environments
 
IT Compliance in 2015 - Beyond the “v” model
IT Compliance in 2015 - Beyond the “v” modelIT Compliance in 2015 - Beyond the “v” model
IT Compliance in 2015 - Beyond the “v” model
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples Counseling
 
HIPAA Safeguard Slides
HIPAA Safeguard SlidesHIPAA Safeguard Slides
HIPAA Safeguard Slides
 
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital Security
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital SecurityHernan Huwyler - CIO and CISO Norway - Collaboration for DIgital Security
Hernan Huwyler - CIO and CISO Norway - Collaboration for DIgital Security
 
Audit Practice at CipherTechs
Audit Practice at CipherTechsAudit Practice at CipherTechs
Audit Practice at CipherTechs
 
Popular Pitfalls in ISMS Compliance
Popular Pitfalls in ISMS CompliancePopular Pitfalls in ISMS Compliance
Popular Pitfalls in ISMS Compliance
 
Web Application Security Strategy
Web Application Security Strategy Web Application Security Strategy
Web Application Security Strategy
 
Secure Software Development Lifecycle
Secure Software Development LifecycleSecure Software Development Lifecycle
Secure Software Development Lifecycle
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCM
 
How to build a change workflow process
How to build a change workflow processHow to build a change workflow process
How to build a change workflow process
 
CIS Security Benchmark
CIS Security BenchmarkCIS Security Benchmark
CIS Security Benchmark
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business Continuity
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David Ross
 
The Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance SolutionThe Compliancy Group : The Guard, a HIPAA Compliance Solution
The Compliancy Group : The Guard, a HIPAA Compliance Solution
 
Managing Traceability in an Agile, Safety-critical Development Environment
Managing Traceability in an Agile, Safety-critical Development EnvironmentManaging Traceability in an Agile, Safety-critical Development Environment
Managing Traceability in an Agile, Safety-critical Development Environment
 
Building HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teamsBuilding HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teams
 

Destacado

Chiclete pode engolir
Chiclete pode engolirChiclete pode engolir
Chiclete pode engolirChris x-MS
 
Escolhendo Pneus de carros
Escolhendo Pneus de carrosEscolhendo Pneus de carros
Escolhendo Pneus de carrosChris x-MS
 
Reportagem Filha - 2008 - Sobre Telescópio James Webb
Reportagem Filha - 2008 - Sobre Telescópio James WebbReportagem Filha - 2008 - Sobre Telescópio James Webb
Reportagem Filha - 2008 - Sobre Telescópio James WebbChris x-MS
 
Virtual PC 2007
Virtual PC 2007Virtual PC 2007
Virtual PC 2007Chris x-MS
 
Samsung HD P-ATA Jumper Limit
Samsung HD P-ATA Jumper LimitSamsung HD P-ATA Jumper Limit
Samsung HD P-ATA Jumper LimitChris x-MS
 
RTS Thresould - Netgear explain
RTS Thresould - Netgear explainRTS Thresould - Netgear explain
RTS Thresould - Netgear explainChris x-MS
 
802.11 Protocol Map
802.11 Protocol Map802.11 Protocol Map
802.11 Protocol MapChris x-MS
 

Destacado (10)

Camera Sony CCTV
Camera Sony CCTVCamera Sony CCTV
Camera Sony CCTV
 
Chiclete pode engolir
Chiclete pode engolirChiclete pode engolir
Chiclete pode engolir
 
GN 8050 TCA
GN 8050 TCAGN 8050 TCA
GN 8050 TCA
 
Escolhendo Pneus de carros
Escolhendo Pneus de carrosEscolhendo Pneus de carros
Escolhendo Pneus de carros
 
Reportagem Filha - 2008 - Sobre Telescópio James Webb
Reportagem Filha - 2008 - Sobre Telescópio James WebbReportagem Filha - 2008 - Sobre Telescópio James Webb
Reportagem Filha - 2008 - Sobre Telescópio James Webb
 
Virtual PC 2007
Virtual PC 2007Virtual PC 2007
Virtual PC 2007
 
Audit steps
Audit stepsAudit steps
Audit steps
 
Samsung HD P-ATA Jumper Limit
Samsung HD P-ATA Jumper LimitSamsung HD P-ATA Jumper Limit
Samsung HD P-ATA Jumper Limit
 
RTS Thresould - Netgear explain
RTS Thresould - Netgear explainRTS Thresould - Netgear explain
RTS Thresould - Netgear explain
 
802.11 Protocol Map
802.11 Protocol Map802.11 Protocol Map
802.11 Protocol Map
 

Similar a Surviving a HIPAA Audit: Five Crucial Steps

Firehost Webinar: Getting Hipaa Compliant
Firehost Webinar: Getting Hipaa Compliant Firehost Webinar: Getting Hipaa Compliant
Firehost Webinar: Getting Hipaa Compliant Armor
 
The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeCompliancy Group
 
The eDiscovery Primer for Lotus Domino Admins
The eDiscovery Primer for Lotus Domino AdminsThe eDiscovery Primer for Lotus Domino Admins
The eDiscovery Primer for Lotus Domino AdminsBill Malchisky Jr.
 
An Insider's Guide to Security Review (October 13, 2014)
An Insider's Guide to Security Review (October 13, 2014)An Insider's Guide to Security Review (October 13, 2014)
An Insider's Guide to Security Review (October 13, 2014)Salesforce Partners
 
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...Feroot
 
Nine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfNine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfLERNER Consulting
 
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceWhy a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceCompliancy Group
 
Building the Business Case for TPRM - DVV Solutions Breakfast Briefing March ...
Building the Business Case for TPRM - DVV Solutions Breakfast Briefing March ...Building the Business Case for TPRM - DVV Solutions Breakfast Briefing March ...
Building the Business Case for TPRM - DVV Solutions Breakfast Briefing March ...DVV Solutions Third Party Risk Management
 
Continous compliance october 2019 webinar (2)
Continous compliance october 2019 webinar (2)Continous compliance october 2019 webinar (2)
Continous compliance october 2019 webinar (2)Nimonik
 
Avior Healthcare Security Compliance Webcast Final1
Avior Healthcare Security Compliance Webcast Final1Avior Healthcare Security Compliance Webcast Final1
Avior Healthcare Security Compliance Webcast Final1jhietala
 
HIPAA Audits Are Here to Stay – Key Preparation Strategies for Business Assoc...
HIPAA Audits Are Here to Stay – Key Preparation Strategies for Business Assoc...HIPAA Audits Are Here to Stay – Key Preparation Strategies for Business Assoc...
HIPAA Audits Are Here to Stay – Key Preparation Strategies for Business Assoc...Polsinelli PC
 
MindLeaf - HIPAA privacy and cybersecurity insurance
MindLeaf - HIPAA privacy and cybersecurity insuranceMindLeaf - HIPAA privacy and cybersecurity insurance
MindLeaf - HIPAA privacy and cybersecurity insurancemindleaftechnologies
 
T CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit CenterT CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit CenterGary Pennington
 
Chef: Compliance @ Velocity
Chef: Compliance @ VelocityChef: Compliance @ Velocity
Chef: Compliance @ VelocityChef
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001PECB
 
ISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of PrivacyISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of PrivacyControlCase
 
Vendor risk management webinar 10022019 v1
Vendor risk management webinar 10022019 v1Vendor risk management webinar 10022019 v1
Vendor risk management webinar 10022019 v1ControlCase
 
IT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterIT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterGary Pennington
 
Use of the COBIT Security Baseline
Use of the COBIT Security BaselineUse of the COBIT Security Baseline
Use of the COBIT Security BaselineBarry Caplin
 

Similar a Surviving a HIPAA Audit: Five Crucial Steps (20)

Firehost Webinar: Getting Hipaa Compliant
Firehost Webinar: Getting Hipaa Compliant Firehost Webinar: Getting Hipaa Compliant
Firehost Webinar: Getting Hipaa Compliant
 
The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challenge
 
The eDiscovery Primer for Lotus Domino Admins
The eDiscovery Primer for Lotus Domino AdminsThe eDiscovery Primer for Lotus Domino Admins
The eDiscovery Primer for Lotus Domino Admins
 
An Insider's Guide to Security Review (October 13, 2014)
An Insider's Guide to Security Review (October 13, 2014)An Insider's Guide to Security Review (October 13, 2014)
An Insider's Guide to Security Review (October 13, 2014)
 
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
 
Nine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfNine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask Yourself
 
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceWhy a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA Compliance
 
Building the Business Case for TPRM - DVV Solutions Breakfast Briefing March ...
Building the Business Case for TPRM - DVV Solutions Breakfast Briefing March ...Building the Business Case for TPRM - DVV Solutions Breakfast Briefing March ...
Building the Business Case for TPRM - DVV Solutions Breakfast Briefing March ...
 
Continous compliance october 2019 webinar (2)
Continous compliance october 2019 webinar (2)Continous compliance october 2019 webinar (2)
Continous compliance october 2019 webinar (2)
 
Avior Healthcare Security Compliance Webcast Final1
Avior Healthcare Security Compliance Webcast Final1Avior Healthcare Security Compliance Webcast Final1
Avior Healthcare Security Compliance Webcast Final1
 
HIPAA Audits Are Here to Stay – Key Preparation Strategies for Business Assoc...
HIPAA Audits Are Here to Stay – Key Preparation Strategies for Business Assoc...HIPAA Audits Are Here to Stay – Key Preparation Strategies for Business Assoc...
HIPAA Audits Are Here to Stay – Key Preparation Strategies for Business Assoc...
 
It32015 slides
It32015 slidesIt32015 slides
It32015 slides
 
MindLeaf - HIPAA privacy and cybersecurity insurance
MindLeaf - HIPAA privacy and cybersecurity insuranceMindLeaf - HIPAA privacy and cybersecurity insurance
MindLeaf - HIPAA privacy and cybersecurity insurance
 
T CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit CenterT CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit Center
 
Chef: Compliance @ Velocity
Chef: Compliance @ VelocityChef: Compliance @ Velocity
Chef: Compliance @ Velocity
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001
 
ISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of PrivacyISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of Privacy
 
Vendor risk management webinar 10022019 v1
Vendor risk management webinar 10022019 v1Vendor risk management webinar 10022019 v1
Vendor risk management webinar 10022019 v1
 
IT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterIT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit Center
 
Use of the COBIT Security Baseline
Use of the COBIT Security BaselineUse of the COBIT Security Baseline
Use of the COBIT Security Baseline
 

Más de Compliancy Group

HIPAA compliance for Business Associates- The value of compliance, how to acq...
HIPAA compliance for Business Associates- The value of compliance, how to acq...HIPAA compliance for Business Associates- The value of compliance, how to acq...
HIPAA compliance for Business Associates- The value of compliance, how to acq...Compliancy Group
 
HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016Compliancy Group
 
How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud Compliancy Group
 
Business Associates: How to differentiate your organization using HIPAA compl...
Business Associates: How to differentiate your organization using HIPAA compl...Business Associates: How to differentiate your organization using HIPAA compl...
Business Associates: How to differentiate your organization using HIPAA compl...Compliancy Group
 
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...Compliancy Group
 
HIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowHIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowCompliancy Group
 
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...Compliancy Group
 
How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsCompliancy Group
 
Preparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practicePreparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practiceCompliancy Group
 
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...Compliancy Group
 
How to Survive a HIPAA Audit
How to Survive a HIPAA AuditHow to Survive a HIPAA Audit
How to Survive a HIPAA AuditCompliancy Group
 
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...Compliancy Group
 
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...Compliancy Group
 
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINEDHIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINEDCompliancy Group
 
What you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityWhat you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityCompliancy Group
 
Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Compliancy Group
 
Is Your EHR Safe? New Technologies for Auditing
Is Your EHR Safe? New Technologies for AuditingIs Your EHR Safe? New Technologies for Auditing
Is Your EHR Safe? New Technologies for AuditingCompliancy Group
 
Business Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicBusiness Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicCompliancy Group
 
Surving a HIPAA Audit Infographic
Surving a HIPAA Audit InfographicSurving a HIPAA Audit Infographic
Surving a HIPAA Audit InfographicCompliancy Group
 

Más de Compliancy Group (20)

HIPAA compliance for Business Associates- The value of compliance, how to acq...
HIPAA compliance for Business Associates- The value of compliance, how to acq...HIPAA compliance for Business Associates- The value of compliance, how to acq...
HIPAA compliance for Business Associates- The value of compliance, how to acq...
 
HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016
 
How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud
 
Business Associates: How to differentiate your organization using HIPAA compl...
Business Associates: How to differentiate your organization using HIPAA compl...Business Associates: How to differentiate your organization using HIPAA compl...
Business Associates: How to differentiate your organization using HIPAA compl...
 
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
 
HIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowHIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to know
 
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
 
How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 audits
 
Preparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practicePreparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practice
 
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
 
How to Survive a HIPAA Audit
How to Survive a HIPAA AuditHow to Survive a HIPAA Audit
How to Survive a HIPAA Audit
 
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
 
Meaningful Use vs HIPAA
Meaningful Use vs HIPAAMeaningful Use vs HIPAA
Meaningful Use vs HIPAA
 
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
 
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINEDHIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
 
What you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityWhat you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperability
 
Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10
 
Is Your EHR Safe? New Technologies for Auditing
Is Your EHR Safe? New Technologies for AuditingIs Your EHR Safe? New Technologies for Auditing
Is Your EHR Safe? New Technologies for Auditing
 
Business Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicBusiness Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance Infographic
 
Surving a HIPAA Audit Infographic
Surving a HIPAA Audit InfographicSurving a HIPAA Audit Infographic
Surving a HIPAA Audit Infographic
 

Último

Call Girls Service Nandiambakkam | 7001305949 At Low Cost Cash Payment Booking
Call Girls Service Nandiambakkam | 7001305949 At Low Cost Cash Payment BookingCall Girls Service Nandiambakkam | 7001305949 At Low Cost Cash Payment Booking
Call Girls Service Nandiambakkam | 7001305949 At Low Cost Cash Payment BookingNehru place Escorts
 
Call Girls Hsr Layout Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Hsr Layout Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Hsr Layout Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Hsr Layout Just Call 7001305949 Top Class Call Girl Service Availablenarwatsonia7
 
Book Call Girls in Yelahanka - For 7001305949 Cheap & Best with original Photos
Book Call Girls in Yelahanka - For 7001305949 Cheap & Best with original PhotosBook Call Girls in Yelahanka - For 7001305949 Cheap & Best with original Photos
Book Call Girls in Yelahanka - For 7001305949 Cheap & Best with original Photosnarwatsonia7
 
call girls in green park DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in green park DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in green park DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in green park DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 
Call Girls Service In Shyam Nagar Whatsapp 8445551418 Independent Escort Service
Call Girls Service In Shyam Nagar Whatsapp 8445551418 Independent Escort ServiceCall Girls Service In Shyam Nagar Whatsapp 8445551418 Independent Escort Service
Call Girls Service In Shyam Nagar Whatsapp 8445551418 Independent Escort Serviceparulsinha
 
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy GirlsCall Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girlsnehamumbai
 
Kolkata Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Kolkata Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowKolkata Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Kolkata Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowNehru place Escorts
 
Call Girl Service Bidadi - For 7001305949 Cheap & Best with original Photos
Call Girl Service Bidadi - For 7001305949 Cheap & Best with original PhotosCall Girl Service Bidadi - For 7001305949 Cheap & Best with original Photos
Call Girl Service Bidadi - For 7001305949 Cheap & Best with original Photosnarwatsonia7
 
Call Girls Service Chennai Jiya 7001305949 Independent Escort Service Chennai
Call Girls Service Chennai Jiya 7001305949 Independent Escort Service ChennaiCall Girls Service Chennai Jiya 7001305949 Independent Escort Service Chennai
Call Girls Service Chennai Jiya 7001305949 Independent Escort Service ChennaiNehru place Escorts
 
Call Girls Electronic City Just Call 7001305949 Top Class Call Girl Service A...
Call Girls Electronic City Just Call 7001305949 Top Class Call Girl Service A...Call Girls Electronic City Just Call 7001305949 Top Class Call Girl Service A...
Call Girls Electronic City Just Call 7001305949 Top Class Call Girl Service A...narwatsonia7
 
Asthma Review - GINA guidelines summary 2024
Asthma Review - GINA guidelines summary 2024Asthma Review - GINA guidelines summary 2024
Asthma Review - GINA guidelines summary 2024Gabriel Guevara MD
 
Bangalore Call Girls Marathahalli 📞 9907093804 High Profile Service 100% Safe
Bangalore Call Girls Marathahalli 📞 9907093804 High Profile Service 100% SafeBangalore Call Girls Marathahalli 📞 9907093804 High Profile Service 100% Safe
Bangalore Call Girls Marathahalli 📞 9907093804 High Profile Service 100% Safenarwatsonia7
 
See the 2,456 pharmacies on the National E-Pharmacy Platform
See the 2,456 pharmacies on the National E-Pharmacy PlatformSee the 2,456 pharmacies on the National E-Pharmacy Platform
See the 2,456 pharmacies on the National E-Pharmacy PlatformKweku Zurek
 
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknow
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service LucknowVIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknow
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknownarwatsonia7
 
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowSonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowRiya Pathan
 
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service BangaloreCall Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalorenarwatsonia7
 
Call Girls ITPL Just Call 7001305949 Top Class Call Girl Service Available
Call Girls ITPL Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls ITPL Just Call 7001305949 Top Class Call Girl Service Available
Call Girls ITPL Just Call 7001305949 Top Class Call Girl Service Availablenarwatsonia7
 
College Call Girls Vyasarpadi Whatsapp 7001305949 Independent Escort Service
College Call Girls Vyasarpadi Whatsapp 7001305949 Independent Escort ServiceCollege Call Girls Vyasarpadi Whatsapp 7001305949 Independent Escort Service
College Call Girls Vyasarpadi Whatsapp 7001305949 Independent Escort ServiceNehru place Escorts
 
Aspirin presentation slides by Dr. Rewas Ali
Aspirin presentation slides by Dr. Rewas AliAspirin presentation slides by Dr. Rewas Ali
Aspirin presentation slides by Dr. Rewas AliRewAs ALI
 

Último (20)

Call Girls Service Nandiambakkam | 7001305949 At Low Cost Cash Payment Booking
Call Girls Service Nandiambakkam | 7001305949 At Low Cost Cash Payment BookingCall Girls Service Nandiambakkam | 7001305949 At Low Cost Cash Payment Booking
Call Girls Service Nandiambakkam | 7001305949 At Low Cost Cash Payment Booking
 
Call Girls Hsr Layout Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Hsr Layout Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Hsr Layout Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Hsr Layout Just Call 7001305949 Top Class Call Girl Service Available
 
Book Call Girls in Yelahanka - For 7001305949 Cheap & Best with original Photos
Book Call Girls in Yelahanka - For 7001305949 Cheap & Best with original PhotosBook Call Girls in Yelahanka - For 7001305949 Cheap & Best with original Photos
Book Call Girls in Yelahanka - For 7001305949 Cheap & Best with original Photos
 
call girls in green park DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in green park DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in green park DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in green park DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 
Call Girls Service In Shyam Nagar Whatsapp 8445551418 Independent Escort Service
Call Girls Service In Shyam Nagar Whatsapp 8445551418 Independent Escort ServiceCall Girls Service In Shyam Nagar Whatsapp 8445551418 Independent Escort Service
Call Girls Service In Shyam Nagar Whatsapp 8445551418 Independent Escort Service
 
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy GirlsCall Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
 
Kolkata Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Kolkata Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowKolkata Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Kolkata Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
 
Call Girl Service Bidadi - For 7001305949 Cheap & Best with original Photos
Call Girl Service Bidadi - For 7001305949 Cheap & Best with original PhotosCall Girl Service Bidadi - For 7001305949 Cheap & Best with original Photos
Call Girl Service Bidadi - For 7001305949 Cheap & Best with original Photos
 
Call Girls Service Chennai Jiya 7001305949 Independent Escort Service Chennai
Call Girls Service Chennai Jiya 7001305949 Independent Escort Service ChennaiCall Girls Service Chennai Jiya 7001305949 Independent Escort Service Chennai
Call Girls Service Chennai Jiya 7001305949 Independent Escort Service Chennai
 
Call Girls Electronic City Just Call 7001305949 Top Class Call Girl Service A...
Call Girls Electronic City Just Call 7001305949 Top Class Call Girl Service A...Call Girls Electronic City Just Call 7001305949 Top Class Call Girl Service A...
Call Girls Electronic City Just Call 7001305949 Top Class Call Girl Service A...
 
Asthma Review - GINA guidelines summary 2024
Asthma Review - GINA guidelines summary 2024Asthma Review - GINA guidelines summary 2024
Asthma Review - GINA guidelines summary 2024
 
sauth delhi call girls in Bhajanpura 🔝 9953056974 🔝 escort Service
sauth delhi call girls in Bhajanpura 🔝 9953056974 🔝 escort Servicesauth delhi call girls in Bhajanpura 🔝 9953056974 🔝 escort Service
sauth delhi call girls in Bhajanpura 🔝 9953056974 🔝 escort Service
 
Bangalore Call Girls Marathahalli 📞 9907093804 High Profile Service 100% Safe
Bangalore Call Girls Marathahalli 📞 9907093804 High Profile Service 100% SafeBangalore Call Girls Marathahalli 📞 9907093804 High Profile Service 100% Safe
Bangalore Call Girls Marathahalli 📞 9907093804 High Profile Service 100% Safe
 
See the 2,456 pharmacies on the National E-Pharmacy Platform
See the 2,456 pharmacies on the National E-Pharmacy PlatformSee the 2,456 pharmacies on the National E-Pharmacy Platform
See the 2,456 pharmacies on the National E-Pharmacy Platform
 
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknow
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service LucknowVIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknow
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknow
 
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowSonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
 
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service BangaloreCall Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
 
Call Girls ITPL Just Call 7001305949 Top Class Call Girl Service Available
Call Girls ITPL Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls ITPL Just Call 7001305949 Top Class Call Girl Service Available
Call Girls ITPL Just Call 7001305949 Top Class Call Girl Service Available
 
College Call Girls Vyasarpadi Whatsapp 7001305949 Independent Escort Service
College Call Girls Vyasarpadi Whatsapp 7001305949 Independent Escort ServiceCollege Call Girls Vyasarpadi Whatsapp 7001305949 Independent Escort Service
College Call Girls Vyasarpadi Whatsapp 7001305949 Independent Escort Service
 
Aspirin presentation slides by Dr. Rewas Ali
Aspirin presentation slides by Dr. Rewas AliAspirin presentation slides by Dr. Rewas Ali
Aspirin presentation slides by Dr. Rewas Ali
 

Surviving a HIPAA Audit: Five Crucial Steps

  • 1. 855.85HIPAA   www.compliancygroup.com   Industry leading Education Certified Partner Program •  Please ask questions •  For todays Slides http://compliancy-group.com/slides023/ •  Todays & Past webinars go to: http://compliancy-group.com/webinar/ Get Involved. #cgwebinar
  • 2. Surviving  a  HIPAA  Audit:   Five  Crucial  Steps RICHARD  WAGNER  
  • 4. Quick  Takeaway   The  HIPAA  Audit  program  sounds  scary     Challenge  –  think  of  this  as  an  opportunity   ◦  IT/Security/Compliance:  voice  can  be  heard   ◦  Providers:  beHer  serve  your  paIents  in  an  increasingly  unsecure  environment     Overall  theme:  tackle  the  priority  items,  then  move  onto  the  other  issues  
  • 5. Agenda HIPAA  Audit  Program  Overview   Pilot  Program  Results  and  Discussion   Five  Steps  to  Surviving  an  Audit   QuesIons  
  • 6. The  HIPAA  Audit  Program   Enacted  into  law  in  2009  (ARRA/HITECH)     Designed  to  combat  ex  post  enforcement     HHS’  Office  of  Civil  Rights  (OCR)  oversees  program,  but  most  work  contracted  out  to  consultants     Two  pilot  programs  (2012  and  2013)     Permanent  rollout  in  2014  
  • 7. Pilot:  2012-­‐2013   Caveat:  designed/implemented  before  Omnibus  Rule   ◦  Covered  EnIIes  only,  no  Business  Associates   ◦  Used  old  breach  analysis,  etc.     OCR  findings   ◦  Many  issues,  even  intenIonal  misrepresentaIons   ◦  Small  providers  had  the  most  difficulty   ◦  Security  flaws  dominated  findings  
  • 11. Points  of  Emphasis:  Privacy  Rule   Policies  and  procedures     Minimum  Use  
  • 12. Points  of  Emphasis:  Security  Rule   Risk  assessment,  risk  assessment,  and  risk  assessment     Mobile  device  security   ◦  Data  in  moIon   ◦  Data  at  rest     Security  incident  procedures   ◦  Ever  more  important  a`er  HIPAA  Omnibus  RegulaIons  went  into  effect  
  • 14. Step  #1  –  OrganizaOon   IniIal  document  request  period:  10  days  from  the  postmarked  audit  leHer     Done  by  design:  tesIng  your  response  Ime     Following  this  step  also  allows  you  to  assess  your  documentaIon  gaps     Update  old  documents     Establishing  an  audit  trail  
  • 16. Step  #2  –  Security  Risk  Assessment   The  most  important  document  you  need  for  HIPAA  compliance   ◦  Stressed  by  OCR  and  the  HIPAA  Audit  process   ◦  Also  has  great  pracIcal  value  –  a  risk  assessment  is  foundaIonal  to  proper  risk  management     Does  not  have  to  be  daunIng  –  scalable  according  to  size     What  you  need  to  assess   ◦  PotenIal  risks  and  vulnerabiliIes  to  the  confidenIality,  integrity,  and  availability  of  ePHI     Other  Ips  
  • 17. Step  #3  –  Plugging  the  PHI  Holes   Risk  management  –  comes  on  the  heels  of  your  risk  assessment     Document  everything   ◦  Remember,  the  goal  is  to  establish  an  audit  trail     PrioriIze  risk  miIgaIon  acIons  
  • 18. Step  #4  –  Business  Associate  Agreements   Update  your  BAA  to  reflect  Omnibus  changes   ◦  The  changes  aren’t  drasIc,  but  they  need  to  be  in  there     Make  sure  all  vendors  are  under  an  agreement   ◦  BAA  terms  and  complexity  needed  can  vary  from  provider  to  provider   ◦  Consult  your  aHorney  if  necessary     Get  subcontractor  assurances     Related  –  vendor  management  procedures  
  • 19. Step  #5  –  Training   Point  of  emphasis  in  the  audits,  so  documentaIon  is  criIcal     Don’t  limit  yourself  to  HIPAA  training   ◦  Security  awareness  should  be  included  as  well     Use  the  training  as  an  opportunity  to  gain  informaIon  
  • 20. Conclusions   Audits  signal  a  major  change  in  enforcement     As  worrisome  as  this  might  sound,  this  can  be  viewed  as  an  opportunity     Risk  assessment:  the  foundaIon     The  more  documentaIon,  the  beHer  
  • 21. QuesOons   Richard  Wagner     richard@qliqso`.com  
  • 22. Free  Demo  and  60  Day  Evaluation   www.compliancy-­‐group.com     855.85  HIPAA  (855.854.4722)   The Guard: One Simple, cost effective Compliance Tracking Solution that satisfies HIPAA, HITECH Risk Assessment, and Omnibus Compliance •  Reduces Risk & Liability •  Differentiates you from the competition •  Retain Clients/Patients •  Improve Revenue