HIPAA Audits: Preparing for Phase 2 Audits for Covered Entities and Business Associates
Developing, Ensuring and Documenting HIPAA and HITECH Privacy and Security Compliance
Recording of a 90-minute CLE webinar with Q&A
This CLE webinar will provide guidance for healthcare counsel on the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) Phase 2 HIPAA audits, including preparing for OCR audits, conducting self-audits, and minimizing the risks of HIPAA noncompliance.
Outline
- OCR’s Phase 2 HIPAA audits
- Who will be included and selection process
- Scope
- Timelines
- Audit process
- Lessons learned from past audits
- Preparing for an OCR audit
- Conducting a self-audit
- Policies addressing privacy
- Security of PHI
- Reporting procedures
- Best practices for identifying and minimizing risks of noncompliance
Benefits
The panel will address these and other key issues:
- What lessons can be learned from OCR’s Phase 1 audits?
- What is the Phase 2 audit process?
- What steps should covered entities and business associates take to prepare for OCR audits?
- What practices should covered entities and business associates employ to successfully navigate a Phase 2 audit?
Faculty
Dianne J. Bourque
Member
Mintz Levin Cohn Ferris Glovsky and Popeo
Ms. Bourque counsels clients on the requirements of the HIPAA Privacy Rule and Security Standards. She regularly... | Read More
Ms. Bourque counsels clients on the requirements of the HIPAA Privacy Rule and Security Standards. She regularly assists clients with the implementation of HIPAA-mandated policies and procedures, privacy audits, third-party requests for information, and review of HIPAA-related contracts and forms. She also assists clients with the management of data breaches and other losses of protected health information
CloseRyan S. Higgins
McDermott Will & Emery
Mr. Higgins focuses his practice on representing hospitals, health systems, private equity firms and platform... | Read More
Mr. Higgins focuses his practice on representing hospitals, health systems, private equity firms and platform companies, and other healthcare organizations in corporate and transactional matters, including M&As, joint ventures and management arrangements. He also focuses a significant portion of his practice on representing healthcare organizations in matters involving health information privacy and security and HIPAA compliance.
Close