Healthcare Information Security

What Covered Entities Need to Know about OCR HIPAA Audit​s

Posted on

Sponsored by: Iatric Systems

OCR announced Phase 2 of its HIPAA audit program in 2016, which would focus on desk audits to review how healthcare organizations – and business associates – adhere to the HIPAA Privacy, Security, and Breach Notification Rules. Healthcare organizations ​must have the right policies and procedures ​in ​place, but ​they ​should also be aware of the documented OCR compliance program.

Phase 1 ​audits had as their focus entities checking boxes off to ensure they had read the rules, addressed each required provision, and then included that in their policies and procedures. However, the ​latest round ​put the focus on compliance and action. But what exactly is OCR looking for? Even if they weren’t selected this time, how should covered entities and business associates prepare for a potential OCR HIPAA audit? What can healthcare organizations expect for the final OCR audit phase?

In this webcast, listeners will learn the basics of an OCR HIPAA audit and garner a better understanding of OCR’s 2017 to 2018 goals and objectives with regard to compliance review and potential enforcement.

  • Additionally, attendees can learn more about the following:
  • Best practices to uncover potential risk and vulnerabilities in the organization
  • Detect areas where technology can assist with compliance
  • How to approach vendor risk management, and the importance of business associate agreements
  • Why ongoing risk assessments are critical to basic HIPAA compliance

Please enter your email address to access this resource

Trouble Downloading? Email .(JavaScript must be enabled to view this email address)
You can view our privacy policy here.