Preparing for HIPAA Audits - Have Your Documentation Ready

Event Information
Product Format
Prerecorded Event
60 Minutes
Product Description

How To Limit Your Exposure, Prevent Incidents That Lead To Enforcement Activity, And Survive A HIPAA Audit!

The random HIPAA Compliance Audit program has had a year of trial audits, and those audits have been a trial for the entities that received them.  The US Department of Health and Human Services has reviewed the results of that work and the new HIPAA audit program is being revived in Fiscal Year 2014.  USDHHS has published the protocol used for the 2012 HIPAA audits by the HHS contractors, so it is possible to know much better now how to prepare for an audit.  Nearly any health care covered entity may be subject to an audit; all entities need to know what kinds of information they'll need to provide and how to prevent issues that could lead to violations and fines.

The new HIPAA rule calls for audits irrespective of a complaint or breach, whereas previously, audits had been performed only at entities that reported a breach or had a complaint filed against them. Now the HHS Office for Civil Rights (OCR) can show up anytime to perform an audit, and your organization will need to provide a response in less than fifteen business days. Surviving a HIPAA audit becomes much easier if you knowing what questions have been asked in at prior HIPAA compliance audits.

The new HIPAA rules have higher fines, including mandatory minimum fines of $10,000 for willful neglect of compliance. For this reason, it’s more important to be ready for an audit, as officials have publicly stated that enforcement is now a priority.

In this audio session, Jim Sheldon-Dean will review the HIPAA audit program and how it works. He’ll also review  the contents of the HIPAA Audit Protocol used in 2012 to explain the documentation that needs to be on hand should your organization be selected for an audit in 2014

The HIPAA Audit Protocol is not necessarily easy to use in its incarnation as a Web-based tool, and it does have several deficiencies because of the changes in the rules that became enforceable September 23, 2013. This session will present methods for using the contents of the HIPAA Audit Protocol to build your own compliance plan by extracting and updating the contents and relating your compliance activities directly to the questions that might be asked.

Jim will discuss the enforcement regulations and processes of HIPAA audit, and how they apply to HIPAA covered entities and business associates, and the new random HIPAA compliance audit program in particular.  You’ll get an explanation of the enforcement regulations and the recent changes that increase fines

You’ll know the information and documentation requirements for surviving an audit, so that you can be ready for an audit at any time.  Sample information request forms and questions asked at prior audits, including the new HIPAA Audit Protocol

Also, find out if you can become the subject of an audit or enforcement action, and what all you can do to limit your exposure. In this session, we’ll discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement activity

Comprehend the recent changes to HIPAA Privacy, Security, and Breach Notification regulations and how they will be audited. Also, understand the documentation requirements and a framework of security policies for compliance

Jim will also discuss the HIPAA Audit Protocol questions and ways of using the content to develop a compliance plan. Also, get the process of exporting the questions and a sample spreadsheet showing the results

Find out the results of prior HHS audits and their penalties, including recent actions involving multi-million dollar fines and settlements. Also, know how to prepare for an audit and respond to an audit request, basically a thorough plan for attaining compliance.  Plus, get insights on the upcoming trends in information security risks, so that you can stay in compliance and keep patient information private and secure

Take a look at the highlights:

  • The HIPAA Random Audit program is being refocused and redefined to make it more relevant to finding and correcting some of the most prevalent security and privacy compliance issues, based on the experience gained in the 2012 audits of 115 HIPAA covered entities.
  • Violations of the HIPAA regulations can be very expensive; the mandatory fines for willful negligence now begin at $10,000 minimum
  • In past HIPAA Audits have been rare, but that's changing now - the HHS is now auditing HIPAA covered entities and business associates even if there have been no complaints or problems reported
  • Examine the HIPAA Audit Protocol used in 2012, along with the sets of questions asked at other HIPAA audits previously
  • Find out what HHS OCR is likely to ask you if you are selected for an audit, and what you'll have to have prepared already when they do
  • Find out the rules and policies that you need to comply with and can adopt for staying compliant
  • Learn the new HIPAA rules and what you need to do to keep up with them
  • Understand why having a good compliance process can help you stay compliant more easily
  • Know the documentation requirement for surviving an audit and avoiding fines
  • Identify how to export the contents of the HIPAA Audit Protocol and use them as the foundation of your compliance activities and documentation

Who should attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer.

Order Below or Call 1-866-458-2965 Today

You can also order through:



About Our Speaker

Jim Sheldon Dean - HIPAA Compliance & Regulations Expert

Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis, He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...   More Info
More Events By The Speaker

Why AudioEducator?
  • Save money on travel.
  • Meet your specific training needs.
  • Keep learning after the event.
  • Save time training your whole staff.
Our Accreditation Partners