Read Frequently Asked Questions
Preparing for a Centers for Medicare and Medicaid Services (CMS) Audit: What Not To Do
This CMS audit training will address the types of information CMS is seeking, the documentation that you need to have to demonstrate not only compliance, but good faith as well.
Why Should You Attend:
CMS is coming! Whether it’s a random compliance audit or resulting from a complaint, when the letter arrives announcing a CMS audit is coming in 30 days, what do you do, besides panic? What do you do if you are way out of compliance? How can you avoid a finding of willful neglect?
Almost all Covered Entities are likely not in compliance of some aspect of HIPAA to one degree or another, but demonstrations of good faith and intent to comply go along way with auditors.
Attend this 60-minute webinar to learn the basic elements of preparing for a CMS audit. By developing a plan, addressing shortcomings and deficiencies before the auditors arrive and having all the documentation available and up to date, you can survive a CMS audit and live to tell about it.
Areas Covered in the Webinar:
- The requirements of the HIPAA Privacy and Security Rules will be presented.
- The requirements of the CMS audit will be explained.
- A framework for creating a Audit Management Plan will be presented.
- The elements of a comprehensive plan will be discussed.
- An annual update process will be discussed to keep the plan up to date.
- The importance of documentation in the audit process will discussed.
Who will Benefit:
This webinar will provide valuable assistance to all personnel in medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc). The titles that will benefit include:
- Compliance Director
- Privacy Officer
- Security Officer
- Information Systems Manager
- HIPAA Officer
- Chief Information Officer
- Health Information Manager
- Healthcare Counsel/lawyer
- Office/Clinic Manager
- Contracts Manager
- Office and clinical staff
- Business Associates
Mark Sexton, is co-owner of NVMedTech, an information security auditing and certification company focused on helping health care practitioners contend with the complex new federal regulations concerning information technology and private health information. He specializes in risk analysis/audit that covers all areas of a practice’s operation including: physical, data, personnel, information security, systems and network analyses. He frequently provides compliance training so practitioners can protect their patients and take advantage of financial government incentives.
Typically a CMS or other type of audit is the result of a claim, breach or other event that warranted an investigation. It could also be a random compliance audit conducted by CMS or one of its agents. Either way, they are coming and you need to be prepared. The steps you can take to prepare for a CMS audit can help alleviate the anxiety and unknowns and help prevent a finding, fine or worse.
Once an audit notification has been received, you need to develop a plan and strategy for managing the audit. Assign personnel to review the organizations Privacy and Security policies and procedures to ensure they are complete and up to date. Review all documentation, such as training records, security logs, and patient authorizations to make sure they are current. Make sure the risk assessment is not dated; that no material changes to the operations of facility have occurred since the risk assessment was conducted and that all the support documentation from the assessment available. There are other types of information and documentation that will help your case in an audit, and we will cover those as well.
An audit strategy and specific personnel should be identified for managing the process. Elements of this strategy include the known, real situation of the organization. If you are way out of compliance, there is no way you can demonstrate that in 30 days, but what you can do is show good faith effort toward compliance and work with the auditors and not against them. In this scenario, you want to avoid a finding of willful neglect. A finding of willful neglect means you knew and failed to act and the fines and findings will be substantially harsher.
ComplianceOnline would process/provide refund only if the Live Webinar has been cancelled. The attendee could choose between the recorded version of the webinar or refund for any cancelled webinar. Refunds will not be given to participants who do not show up for the webinar. On-Demand Recordings can be requested in exchange. Webinar may be cancelled due to lack of enrolment or unavoidable factors. Registrants will be notified 24hours in advance if a cancellation occurs."
For substitution, please email firstname.lastname@example.org or call +1-650-620-3937.
This training hasn't been reviewed yet.