This webinar will provide valuable information for organizations subject to HIPAA, directly or indirectly (such as Business Associates).
Healthcare organizations subject to the Health Insurance Portability and Accountability Act (HIPAA) know that by now they are expected to be in full compliance with the Security Rule. But there has been no significant enforcement effort on the part of the US Department of Health and Human Services (HHS). Hence, some organizations have not been very concerned about ensuring full regulatory compliance.
However, the HHS Office of Inspector General (OIG) fiscal 2007 work plan includes auditing for HIPAA security compliance. In the spring of 2007 the OIG began with an audit of Piedmont Hospital in Atlanta, Georgia.
While we don’t yet know the outcome and specific findings, we do have an idea of what the OIG is looking for in a HIPAA security audit. A list of documents requested of the hospital by the OIG has been made public. It may surprise some people and catch others off guard.
Explore this list of policies, procedures and other documents with an industry expert to learn what the OIG is looking for. Consider whether your organization is positioned to respond thoroughly and promptly if the OIG picks it for the next audit.
Areas Covered in the seminar:
- The dangers of reading HIPAA’s security rule too literally.
- A close review of the 42 items requested by the OIG.
- Be prepared: Strategies to protect your organization from HHS regulatory penalties and worse – while protecting your patients.
Who Will Benefit:
This webinar will provide valuable information for organizations subject to HIPAA, directly or indirectly (such as Business Associates).
- Information security officers
- IT management
- Compliance and privacy officers
- Risk managers
Instructor Profile:
Kate Borten, President and Founder of the Marblehead Group, Inc. bring to clients a unique combination of expertise in information security, privacy, and IT from over twenty years inside the healthcare industry. She led the first corporate-wide information security program at Massachusetts General Hospital, and she is the former Chief Information Security Officer at Care Group.
Ms. Borten is a nationally recognized expert on HIPAA and health information privacy and security, and a frequent speaker on the topic. She is a contributing author to Auerbach Publications’ Information Security Management Handbook; author of HIPAA Security Made Simple (HCPro, Inc. 2003) and Guide to HIPAA Security Risk Analysis (HCPro, Inc. 2004); contributor to newsletters on HIPAA privacy and security; and three-year chair of HealthSec, the premier annual conference on information security in healthcare.
The Marblehead Group (marbleheadgroup.com) provides security training seminars, risk assessment, security program development, and HIPAA compliance auditing to the healthcare industry.
