| 
 HIPAA | Compliance | Audit | Certification | Training
|
| HIPAA – PHI – EPHI - HITECH, signed into law by Congress February 17, 2009, requires OCR to conduct “periodic audits” of covered entities regarding HIPAA privacy and security compliance. Not having your practice audited to HIPAA standards is like not having malpractice insurance, like driving without a seat belt…it just does not make sense. There is no reason to operate your practice, not knowing where your practice stands in relation to the HIPAA Regulations. |
| Avoid HIPAA audits with preparation and communication. Now that HIPAA has contracted with PricewaterhouseCoopers (PwC) to conduct security audits of covered entities, healthcare organizations face the prospect of preemptive, third-party compliance evaluations for the first time in HIPAA history. HIPAA may audit to determine overall security prepared-ness or to verify implementation of corrective action plans in response to a complaint. Because HIPAA will target covered entities against which there are already security complaints, avoiding the scrutiny of a HIPAA complaint investigation will become increasing¬ly important. This requires prevention, communication, and preparation for the worst-case scenario. |
| Many Medical Practices have neither the time nor the resources necessary to meet the HIPAA requirement for an appointed privacy officer to oversee the development, implementation, and maintenance of your policies and procedures. An outsourced privacy officer may be your answer. Y Risk Healthcare Consultants / Auditors HIPAA consultant will be assigned to your practice to serve in this capacity to: Educate employees and providers. Over see your HIPAA / PHI / EPHI privacy policies Update and implement new or modified policies and procedures Serve as your resource for all HIPAA / PHI / EPHI-related matters. Having a Y Risk Healthcare Consultants / Auditors privacy officer available only when needed offers a simple, cost-effective solution to the dilemma of adhering to the HIPAA requirements. |
A New HIPAA Enforcement Program. The Department of Health and Human Services (DHHS) just granted a contract to KPMG, a large consulting and auditing firm, to develop audit tools for auditing and then performing these audits on upwards next year. Entities are supposed to be selected at random, not necessarily because they have had a HIPAA violation or a breach. Of course, the tool is in place, it is not hard to see an audit becoming part of an enforcement action in the future. In any case, now is the time to get serious about performing a HIPAA Risk Assessment, making sure your staff is trained in your policies and that those policies are up to date. A HIPAA Risk Assessment has long been a requirement for Covered Entities as part of the original HIPAA Privacy Rule from 2003. However, the HITECH Act of 2009 established a requirement for healthcare organizations applying for HITECH Act EHR Meaningful Use incentives to complete a HIPAA Risk Assessment. Now we have the possibility of an audit by the Office of Civil Rights that reviews your organization’s HIPAA compliance.
|
| HIPAA compliance is vital to the survival of your practice. | HIPAA violations could fine your practice into bankruptcy. | | The DHHS/CMS/OCR will likewise, walk all over your practice by doing HIPAA audits. | Physicians / Dental Practice HIPAA Crackdown Is Likely Get Ready Stricter Enforcement of Privacy/ Security Rules
| | HIPAA – PHI - EPHI Practical and compliance training for your managers and staff | Duck and Cover! Are You Ready for a HIPAA Audit? |
Take the worry out of HIPAA training for your Staff. This creative, cost-effective resource helps you establish and reinforce information privacy and security awareness at your facility. There's no easier way to fulfill HIPAA's requirement for providing periodic reminders to your facility's workforce. These realistic training exercises support key HIPAA and HITECH principles and breach notification points, instilling the day-to-day best practices you expect your staff to follow. |
HIPAA | Compliance | Audit | Certification | Training |
|