Health Informa.on Technology Audits: "Meaningful Use" and HIPAA. January 23, 2015 Eli Poliakoff Gary Capps
|
|
- Deborah Ramsey
- 8 years ago
- Views:
Transcription
1 Health Informa.on Technology Audits: "Meaningful Use" and HIPAA January 23, 2015 Eli Poliakoff Gary Capps 1
2 HITECH - Related Audits Health Informa.on Technology for Economic and Clinical Health Act ("HITECH") of 2009 "Meaningful Use" Audits Ø Electronic Health Records Incen.ve Program HIPAA Compliance Audits 2
3 "Meaningful Use" Audits Meaningful Use of Electronic Health Records ("EHRs") EHR Incen.ve Program Ø $24 Billion Paid as of May 2014 Ø Eligible Professionals/Eligible Hospitals Ø Medicare/Medicaid Ø AQesta.on Process Figliozzi & Company Provider Resources Inc. SC DHHS Division of Audits
4 AQesta.on I certify that the foregoing information is true, accurate and complete. I understand that the Medicare EHR Incentive Program payment I requested will be paid from Federal funds, that by filing this attestation I am submitting a claim for Federal funds, and that the use of any false claims, statements or documents, or the concealment of a material fact used to obtain a Medicare EHR Incentive Program payment, may be prosecuted under applicable Federal or State criminal laws and may also be subject to civil penalties. It is mandatory that you tell us if you believe you have been overpaid under the Medicare EHR Incentive Program. The Patient Protection and Affordable Care Act, Section 6402, Section 1128J, provides penalties for withholding this information. 4
5 5
6 Audit Process 5% - 10% Subject to Audit Pre- Payment or Post- Payment Six Years Following AQesta.on Random vs. Targeted Common Areas of Focus Appeal Process Ø Provider Resources Inc. SC DHHS Division of Audits
7 Medicare Audit Program Results As of September 2014: Eligible Professionals Ø About 10,000 Audits Ø 23% Failure Rate Ø Average Recoupment: $17,000 Eligible Hospitals Ø About 650 Audits Ø 5% Failure Rate Ø Average Recoupment: $1.1 million 7
8 Tips/Sugges.ons Respond Quickly; Request Extension Maintain Updated Contact Informa.on Retain Suppor.ng Documenta.on Retain/Document Source Data Document Exclusions Vendor Contract Provisions Ø Cer.fica.on Ø Disclosure Ø Technical Capabili.es Security Risk Analysis Ø HIPAA Review Implica.ons 8
9 HIPAA Audits Sec.on of the HITECH Act requires the U.S. Department of Health and Human Services (HHS) to provide for periodic audits to ensure covered en..es and business associates are complying with the HIPAA Privacy and Security Rules and the Breach No.fica.on standards. 9
10 Pilot Program In 2011, HHS Office for Civil Rights (OCR) established a pilot audit program to assess the controls and processes covered en..es have implemented to comply with them. OCR engaged KPMG to conduct the audits. The audit program analyzed processes, controls, and policies of selected covered en..es pursuant to the HITECH Act audit mandate. 115 total audits 47 health plans 61 health care providers 7 health care clearinghouses 10
11 Pilot Program Pilot Audit Program results findings and observa.ons of noncompliance 293 privacy 593 security 94 breach no.fica.on 60% of findings and observa.ons related to security rule deficiencies two- thirds of the en..es audited did not have a complete and accurate risk assessment. Smaller en..es had the most difficulty and struggled with all three areas. Most common cause for noncompliance in findings and observa.ons: En#ty unaware of requirement 11
12 Audit Protocol Through the pilot audit program, OCR established a comprehensive audit protocol that contains the requirements to be assessed through these performance audits. 12
13 Audit Protocol The audit protocol covers Privacy Rule requirements for the following: no.ce of privacy prac.ces for PHI; rights to request privacy protec.on for PHI; access of individuals to PHI; administra.ve requirements; uses and disclosures of PHI; amendment of PHI; and accoun.ng of disclosures. The protocol also covers Security Rule requirements for administra.ve, physical, and technical safeguards and the requirements for the Breach No.fica.on Rule. 13
14 Phase 2 Audits In a February 24, 2014 no.ce in the Federal Register, OCR announced its plan to survey 1200 covered en..es and business associates. OCR ini.ally announced that Phase 2 audits would begin in the fall of However, OCR officials have recently stated that the agency is not yet ready to announce the dates of the Phase 2 HIPAA audits. According to these officials, the delay is due to issues with building an online portal that will facilitate submission of documents to the agency. 14
15 What to Expect Audits will be preceded by pre- audit surveys Business associates will now be included Both desk audits and on- site audits Focus on risk areas iden.fied in pilot audits Risk assessments Requirements for access to PHI No.ce of privacy prac.ces Timing and content of breach no.fica.ons 15
16 Contacts Eli Poliakoff (843) Gary Capps (803)
Agenda. OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2. Linda Sanches, MPH Senior Advisor, Health Information Privacy 4/1/2014
OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2 Linda Sanches, MPH Senior Advisor, Health Information Privacy HCCA Compliance Institute March 31, 2014 Agenda Background Audit Phase
More informationPrivacy and Security Meaningful Use Requirement HIPAA Readiness Review
Privacy and Security Meaningful Use Requirement HIPAA Readiness Review REACH - Achieving - Achieving meaningful meaningful use of your use EHR of your EHR Patti Kritzberger, RHIT, CHPS ND e-health Summit
More informationHIPAA Breaches, Security Risk Analysis, and Audits
HIPAA Breaches, Security Risk Analysis, and Audits Derrick Hill Senior Health IT Advisor Kentucky REC What cons?tutes PHI? HIPAA provides a list of 18 iden?fiers that cons?tute PHI. Any one of these iden?fiers
More informationHIT Audit Workshop. Jeffrey W. Short. jshort@hallrender.com
HIT Audit Workshop Jeffrey W. Short jshort@hallrender.com 1 Audits and Investigations to be Discussed Meaningful Use Audits HIPAA Audits Data Breach Investigations Software Vendor Audits FTC Investigations
More information2/9/2012. 2012 HIPAA Privacy and Security Audit Readiness. Table of contents
2012 HIPAA Privacy and Security Audit Readiness Mark M. Johnson National HIPAA Services Director Table of contents Page Background 2 Regulatory Background and HITECH Impacts 3 Office of Civil Rights (OCR)
More informationHIPAA - Breaking News!
Health IT and Meaningful Use Update Nebraska Healthcare Quality Forum June 4, 2014 Barbara E. Person and Michael W. Chase Baird Holm LLP #1258792 HIPAA - Breaking News! Office for Civil Rights (OCR) will
More informationWelcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information
Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information about HIPAA, the HITECH-HIPAA Omnibus Privacy Act, how
More informationEnsuring Privacy & Security of Patient Information
Ensuring Privacy & Security of Patient Information Danika Brinda, Assistant Professor and REACH P&S Subject Matter Expert Jane McGrath, Program Manager REACH/Stratis Health Session 12, Thursday, June 12,
More informationHIPAA Secure Now! How MSPs Can Profit From Selling HIPAA security services
HIPAA Secure Now! How MSPs Can Profit From Selling HIPAA security services How MSPs can profit from selling HIPAA security services Managed Service Providers (MSP) can use the Health Insurance Portability
More informationTools to Prepare and Protect Your Practice for HIPAA and Meaningful Use Audits
Tools to Prepare and Protect Your Practice for HIPAA and Meaningful Use Audits Presented by: Don Waechter, Managing Partner Health Compliance Partners Ann Breitinger, Attorney Blalock Walters Legal Disclaimer
More informationSunday March 30, 2014, 9am noon HCCA Conference, San Diego
Meaningful Use as it Relates to HIPAA Compliance Sunday March 30, 2014, 9am noon HCCA Conference, San Diego CLAconnect.com Objectives and Agenda Understand the statutory and regulatory background and purpose
More informationBuild a HIPAA- Compliant Prac5ce. Wes Strickling, Founder & CEO
Build a HIPAA- Compliant Prac5ce Wes Strickling, Founder & CEO Agenda What is HIPAA Compliance? What does it mean to your prac5ce? What should you do? Q & A What Is HIPAA Compliance? Health Insurance Portability
More informationEMR and Meaningful Use. How to Prepare for Audits and Avoid Penalties
EMR and Meaningful Use How to Prepare for Audits and Avoid Penalties Payment Adjustments for Eligible Professionals who are not Users of Certified Electronic Health Records (EHR) Technology Off-Label Use
More informationAudit Alert: Are You Prepared? You Have A Good Chance of Being Selected
Audit Alert: Are You Prepared? You Have A Good Chance of Being Selected HIT Summit July 26, 2014 Lee Castonguay Hawaii Pacific Regional Extension Center lcastonguay@hawaiihie.org Or How to keep your incentive
More informationThe OCR Audit Protocol a first look
The OCR Audit Protocol a first look On June 26, 2012, the Office for Civil Rights published its Audit Protocols for HIPAA Security, HIPAA Breach and Privacy at http://ocrnotifications.hhs.gov/hipaa.html.
More informationHow To Be A Good Medicare Patient
BEST PRACTICES FOR MEDICARE AND MEDICAID EMR INCENTIVE PROGRAMS 1 Regina Gurvich, MBA CHC Chief Compliance Officer, AdvantageCare Physicians Monitoring compliance with Meaningful Use requirements Audit-ready
More informationBEST PRACTICES FOR MEDICARE
BEST PRACTICES FOR MEDICARE AND MEDICAID EMR INCENTIVE PROGRAMS 1 Regina Gurvich, MBA CHC Chief Compliance Officer, AdvantageCare Physicians Monitoring compliance with Meaningful Use requirements Audit-ready
More informationObjectives 5/5/2015. Quality Health Associates (QHA) of ND
Privacy and Security: HIPAA/HITECH/Meaningful Use Looking Back, Forging Ahead Patti Kritzberger, RHIT, CHPS Quality Health Associates of North Dakota HIT/Quality Improvement Specialist Quality Health Associates
More informationWho are we? *Founded in 2005 by Purdue University, the Regenstrief Center for Healthcare Engineering, and the Indiana Hospital Association.
Who are we? Purdue Healthcare Advisors (PHA)*, a business unit of Purdue University, specializes in affordable assistance to organizations that share our passion for healthcare transformation. We bring
More informationThe HIPAA Audit Program
The HIPAA Audit Program Anna C. Watterson Davis Wright Tremaine LLP The U.S. Department of Health and Human Services (HHS) was given authority, and a mandate, to conduct periodic audits of HIPAA 1 compliance
More informationOCR HIPAA AUDITS THEY RE BACK!
OCR HIPAA AUDITS THEY RE BACK! Chris Apgar, CISSP 2016 OVERVIEW OCR Audit Program Overview What to Expect if OCR s Auditors Show Up Potential Penalties and Other OCR Actions How to Prepare for an Audit
More informationHIPAA COMPLIANCE PLAN FOR 2013
HIPAA COMPLIANCE PLAN FOR 2013 Welcome! Presentor is Rebecca Morehead, Practice Manager Strategist www.practicemanagersolutions.com Meaningful Use? As a way to encourage hospitals and providers to adopt
More informationTo start the pre-approval process, providers must fill out a short online survey, available at: https://www.surveymonkey.com/s/hrszft2.
Maryland Medicaid EHR Incentive Program Attestation Form for Eligible Providers to Meet Program Requirements Under the Certified Electronic Health Record (CEHRT) Flexibility Rule for Program Year 2014
More informationThe HITECH Act: Implications to HIPAA Covered Entities and Business Associates. Linn F. Freedman, Esq.
The HITECH Act: Implications to HIPAA Covered Entities and Business Associates Linn F. Freedman, Esq. Introduction and Overview On February 17, 2009, President Obama signed P.L. 111-05, the American Recovery
More informationHIPAA: AN OVERVIEW September 2013
HIPAA: AN OVERVIEW September 2013 Introduction The Health Insurance Portability and Accountability Act of 1996, known as HIPAA, was enacted on August 21, 1996. The overall goal was to simplify and streamline
More informationData Breach, Electronic Health Records and Healthcare Reform
Data Breach, Electronic Health Records and Healthcare Reform (This presentation is for informational purposes only and it is not intended, and should not be relied upon, as legal advice.) Overview of HIPAA
More informationEmpowering Nurses & Building Trust Through Health IT
Empowering Nurses & Building Trust Through Health IT Helen Caton-Peters, MSN, RN Health Information Privacy & Security Specialist Office of the National Coordinator for Health Information Technology 2
More informationMeaningful Use and Security Risk Analysis
Meaningful Use and Security Risk Analysis Meeting the Measure Security in Transition Executive Summary Is your organization adopting Meaningful Use, either to gain incentive payouts or to avoid penalties?
More informationPreparing for and Responding to an OCR HIPAA Audit
Preparing for and Responding to Carole Klove Carole.Klove@ucsfmedctr.or g Gerry Hinkley gerry.hinkley@pillsburylaw.com SIXTH NATIONAL HIPAA SUMMIT WEST October 10-12, 2012 Overview Background What to expect
More informationHIPAA Audits Are Happening. eroi
HIPAA Audits Are Happening. eroi Are You at Risk? efiling Advanced efile Form Completion Charting Host: Kathryn Ayers Wickenhauser Meaningful Use / HIPAA Compliance Consultant Kathryn.Wickenhauser@DatafileTechnologies.com
More informationTrust 9/10/2015. Why Does Privacy and Security Matter? Who Must Comply with HIPAA Rules? HIPAA Breaches, Security Risk Analysis, and Audits
HIPAA Breaches, Security Risk Analysis, and Audits Derrick Hill Senior Health IT Advisor Kentucky REC Why Does Privacy and Security Matter? Trust Who Must Comply with HIPAA Rules? Covered Entities (CE)
More informationHIPAA Overview. Darren Skyles, Partner McGinnis Lochridge. Darren S. Skyles dskyles@mcginnislaw.com
HIPAA Overview Darren Skyles, Partner McGinnis Lochridge HIPAA Health Insurance Portability and Accountability Act of 1996 Electronic transaction and code sets: Adopted standards for electronic transactions
More informationIndustry leading Education
Industry leading Education Please ask questions #CGwebinar Todays slides are available http://compliancy- group.com/slides023/ Past webinars and recordings http://compliancy- group.com/webinar/ 855.85HIPAA
More informationUNDERSTANDING MEANINGFUL USE AND EHR. Raymond F. Posa, MBA
UNDERSTANDING MEANINGFUL USE AND EHR Raymond F. Posa, MBA Core Measure 15 - Is your Practice Ready? Meaningful Use Incentive Program 80% of all participants failing their audits are due to deficiencies
More informationWelcome to ChiroCare s Fourth Annual Fall Business Summit. October 3, 2013
Welcome to ChiroCare s Fourth Annual Fall Business Summit October 3, 2013 HIPAA Compliance Regulatory Overview & Implementation Tips for Providers Agenda Green packet Overview of general HIPAA terms and
More informationHIPAA Privacy, Security and Breach Notification Audits
HIPAA Privacy, Security and Breach Notification Audits Program Overview & Initial Analysis Verne Rinker JD, MPH 2013 NIST / OCR Security Rule Conference May 21-22, 2013 Program Mandate HITECH Act, Section
More informationAHLA. B. HIPAA Compliance Audits. Marti Arvin Chief Compliance Officer UCLA Health System and David Geffen School of Medicine Los Angeles, CA
AHLA B. HIPAA Compliance Audits Marti Arvin Chief Compliance Officer UCLA Health System and David Geffen School of Medicine Los Angeles, CA Anna C. Watterson Davis Wright Tremaine LLP Washington, DC Fraud
More informationThe benefits you need... from the name you know and trust
The benefits you need... Privacy and Security Best at Practices the price you can afford... Guide from the name you know and trust The Independence Blue Cross (IBC) Privacy and Security Best Practices
More informationMeaningful Use Audit Red Flags: Pay Careful Attention To The Security Risk Analysis - Or Else
Meaningful Use Audit Red Flags: Pay Careful Attention To The Security Risk Analysis - Or Else Jim Tate Founder: EMR Advocate, Inc. Managing Partner: HITECH Answers Author of The Incentive Roadmap The Meaningful
More informationShipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS
Shipman & Goodwin LLP HIPAA Alert March 2009 STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS The economic stimulus package, officially named the American Recovery and Reinvestment Act of 2009
More information2012 HIPAA Privacy and Security Audits
Office of the Secretary Office for Civil Rights (OCR) 2012 HIPAA Privacy and Security Audits Linda Sanches OCR Senior Advisor, Health Information Privacy Lead, HIPAA Compliance Audits OCR 1 Agenda Background
More informationSomansa Data Security and Regulatory Compliance for Healthcare
Somansa White Paper Somansa Data Security and Regulatory Compliance for Healthcare How Somansa can protect ephi- electronic patient health information and meet the requirements for healthcare compliances,
More informationPreparing for HIPAA and Meaningful Use Compliance Audits
Preparing for HIPAA and Meaningful Use Compliance Audits Presented by: David Holtzman VP of Compliance, CynergisTek CynergisTek, Inc. 11410 Jollyville Road, Suite 2201, Austin TX 78759 512.402.8550 info@cynergistek.com
More informationHIPAA Hot Topics. Audits, the Latest on Enforcement and the Impact of Breaches. September 2012. Nashville Knoxville Memphis Washington, D.C.
HIPAA Hot Topics Audits, the Latest on Enforcement and the Impact of Breaches September 2012 Nashville Knoxville Memphis Washington, D.C. Overview HITECH Act HIPAA Audit Program: update and initial results
More informationThe Brave. New World of Healthcare Correspondence. Harnessing the Power of SaaS to Safeguard Patient Data. White paper
The Brave New World of Healthcare Correspondence Harnessing the Power of SaaS to Safeguard Patient Data Background The passage of HIPAA in 1996 introduced seismic changes to the way healthcare providers
More informationDecrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use
Click to edit Master title style Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use Andy Petrovich, MHSA, MPH M-CEITA / Altarum Institute April 8, 2015 4/8/2015 1 1 Who is M-CEITA?
More informationBusiness Associates: HITECH Changes You Need to Know
Business Associates: HITECH Changes You Need to Know Rebecca L. Williams, RN, JD Partner Co-chair of HIT/HIPAA Practice Davis Wright Tremaine LLP beckywilliams@dwt.com 1 Who Is a Business Associate? A
More informationHow To Understand And Understand The Benefits Of A Health Insurance Risk Assessment
4547 The Case For HIPAA Risk Assessment Leader s Guide IMPORTANT INFORMATION FOR EDUCATION COORDINATORS & PROGRAM FACILITATORS PLEASE NOTE: In order for this program to meet Florida course requirements,
More informationDissecting New HIPAA Rules and What Compliance Means For You
Dissecting New HIPAA Rules and What Compliance Means For You A White Paper by Cindy Phillips of CMIT Solutions and Kelly McClendon of CompliancePro Solutions TABLE OF CONTENTS Introduction 3 What Are the
More informationCMS AND ONC FINAL REGULATIONS DEFINE MEANINGFUL USE AND SET STANDARDS FOR ELECTRONIC HEALTH RECORD INCENTIVE PROGRAM
CMS AND ONC FINAL REGULATIONS DEFINE MEANINGFUL USE AND SET STANDARDS FOR ELECTRONIC HEALTH RECORD INCENTIVE PROGRAM The Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator
More informationCovered En**es Should Periodically Audit Third Party Vendors/Business Associates Why, What, & How?
Covered En**es Should Periodically Audit Third Party Vendors/Business Associates Why, What, & How? March 27 th 12 pm EDT Moderator: Gerry Blass Panelists: Mac McMillan, Francois Bodhuin, Lou Dignam Webinar
More informationEthics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015
Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015 Katherine M. Layman Cozen O Connor 1900 Market Street Philadelphia, PA 19103 (215) 665-2746
More informationREGULATORY CHANGES DEMAND AN ENTERPRISE-WIDE APPROACH TO DISCLOSURE MANAGEMENT OF PHI
REGULATORY CHANGES DEMAND AN ENTERPRISE-WIDE APPROACH TO DISCLOSURE MANAGEMENT OF PHI Healthcare Organizations Can Adopt Enterprise-Wide Disclosure Management Systems To Standardize Disclosure Processes,
More informationRoss D. Seymour, MTPM
Health Care Reform and Funding Incentives Ross D. Seymour, MTPM HIPAA Certified Project Manager Orange, California Disclosure This presentation was current at the time it was published. Medicare policy
More informationSecuring Patient Portals. What You Need to Know to Comply With HIPAA Omnibus and Meaningful Use
Securing Patient Portals What You Need to Know to Comply With HIPAA Omnibus and Meaningful Use September 2013 Table of Contents Abstract... 3 The Carrot and the Stick: Incentives and Penalties for Securing
More information29 OIG 2014 Work Plan explores new compliance projects: Part 2. Nathaniel Lacktman
Compliance TODAY May 2014 a publication of the health care compliance association www.hcca-info.org A unique dual role Indiana s OIG successfully combines statutory law enforcement with Code of Ethics
More informationStage 2 EHR Incentive Programs Supporting Documentation For Audits Last Updated: February 2014
Stage 2 EHR Incentive Programs Supporting Documentation For Audits Last Updated: February 2014 Overview Providers who receive an EHR incentive payment for Stage 2 of the Medicare or Medicaid EHR Incentive
More informationReady or Not: OCR s Second Round of HIPAA Audits Are Just Around the Corner
Ready or Not: OCR s Second Round of HIPAA Audits Are Just Around the Corner OPRA 2015 Fall Conference November 4, 2015 Presented By: Lisa Pierce Reisz Vorys, Sater, Seymour and Pease LLP 614.464.8353 lpreisz@vorys.com
More informationWill the Feds Really Buy Me an EHR?
Steven Waldren, MD, David C. Kibbe, MD, MBA, and Jason Mitchell, MD Will the Feds Really Buy Me an EHR? and Other Commonly Asked Questions About the HITECH Act The economic stimulus package offers $19
More informationUnderstanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions
Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What
More informationHIPAA for HIT and EHRs. Latest on Meaningful Use and EHR Certification: For Privacy and Security Professionals
HIPAA for HIT and EHRs Latest on Meaningful Use and EHR Certification: For Privacy and Security Professionals Donald Bechtel, CHP Siemens Health Services Patient Privacy Officer Fair Information Practices
More informationTo: From: Date: Subject: Proposed Rule on Meaningful Use Requirements Stage 2 Measures, Payment Penalties, Hardship Exceptions and Appeals
MEMORANDUM To: PPSV Clients and Friends From: Barbara Straub Williams Date: Subject: Proposed Rule on Meaningful Use Requirements Stage 2 Measures, Payment Penalties, Hardship Exceptions and Appeals The
More informationThe HIPAA Omnibus Final Rule
WHITE PAPER The HIPAA Omnibus Final Rule Four risk exposure events that can uncover compliance issues leading to investigations, potential fines, and damage to your organization s reputation. By Virginia
More informationSanta Rosa Presents Webinar Series Electronic Health Records & Meaningful Use Incentives: Medicare & Medicaid
Santa Rosa Presents Webinar Series Electronic Health Records & Meaningful Use Incentives: Medicare & Medicaid February 11, 2011 Chris Apgar, CISSP President Overview ARRA & Meaningful Use Rule Overview
More informationHIPAA Compliance and the Protection of Patient Health Information
HIPAA Compliance and the Protection of Patient Health Information WHITE PAPER By Swift Systems Inc. April 2015 Swift Systems Inc. 7340 Executive Way, Ste M Frederick MD 21704 1 Contents HIPAA Compliance
More informationPrivacy for Healthcare Data in the Cloud - Challenges and Best Practices
Privacy for Healthcare Data in the Cloud - Challenges and Best Practices Dr. Sarbari Gupta sarbari@electrosoft-inc.com 703-437-9451 ext 12 Cloud Standards Customer Council (CSCC) Cloud Privacy Summit Electrosoft
More informationPresented by: Leslie Bender, CIPP General Counsel/CPO The ROI Companies www.theroi.com
Healthcare Compliance: How HiTECH May Affect Relationships with Business Associates Presented by: Leslie Bender, CIPP General Counsel/CPO The ROI Companies www.theroi.com Legal Disclaimer This information
More informationHIPAA Changes 2013. Mike Jennings & Jonathan Krasner BEI For MCMS 07/23/13
HIPAA Changes 2013 Mike Jennings & Jonathan Krasner BEI For MCMS 07/23/13 BEI Who We Are DC Metro IT Service Provider since 1987 Network Design/Upgrade Installation/Managed IT Services for small to medium-sized
More informationData Security and Integrity of e-phi. MLCHC Annual Clinical Conference Worcester, MA Wednesday, November 12, 2014 2:15pm 3:30pm
Electronic Health Records: Data Security and Integrity of e-phi Worcester, MA Wednesday, 2:15pm 3:30pm Agenda Introduction Learning Objectives Overview of HIPAA HIPAA: Privacy and Security HIPAA: The Security
More informationReady for an OCR Audit? Will you pass or fail an OCR security audit? Tom Walsh, CISSP
Ready for an OCR Audit? Will you pass or fail an OCR security audit? Tom Walsh, CISSP Tom Walsh Consulting, LLC Overland Park, KS What would you do? You receive a phone call from your CEO. They just received
More informationBNA s Health Law Reporter
BNA s Health Law Reporter Reproduced with permission from BNA s Health Law Reporter, 20 HLR 1272, 08/18/2011. Copyright 2011 by The Bureau of National Affairs, Inc. (800-372-1033) http://www.bna.com HHS
More informationAre You Ready for an OCR Audit? Tom Walsh, CISSP Tom Walsh Consulting, LLC Overland Park, KS. What would you do? Session Objectives
Are You Ready for an OCR Audit? Tom Walsh, CISSP Tom Walsh Consulting, LLC Overland Park, KS What would you do? Your organization received a certified letter sent from the Office for Civil Rights (OCR)
More informationWhat Health Care Entities Need to Know about HIPAA and the American Recovery and Reinvestment Act
What Health Care Entities Need to Know about HIPAA and the American Recovery and Reinvestment Act by Lane W. Staines and Cheri D. Green On February 17, 2009, The American Recovery and Reinvestment Act
More informationCOMPLIANCE ALERT 10-12
HAWAII HEALTH SYSTEMS C O R P O R A T I O N "Touching Lives Every Day COMPLIANCE ALERT 10-12 HIPAA Expansion under the American Recovery and Reinvestment Act of 2009 The American Recovery and Reinvestment
More informationKey HIPAA HITECH Changes. Gina Kastel, Partner, Health and Life Sciences
Key HIPAA HITECH Changes Gina Kastel, Partner, Health and Life Sciences Agenda Business Associates Restrictions on Disclosures Access to PHI Notice of Privacy Practices Fundraising 2 Business Associates
More informationHIPAA Summit. March 10, 2011. Phyllis A. Patrick, MBA, FACHE, CHC Phyllis A. Patrick & Associates LLC
HIPAA Summit March 10, 2011 Phyllis A. Patrick, MBA, FACHE, CHC Phyllis A. Patrick & Associates LLC The Secretary shall provide for periodic audits to ensure that covered entities and business associates
More informationThe HIPAA Standard Transaction Requirements: How do Health Plans Comply?
The HIPAA Standard Transaction Requirements: How do Health Plans Comply? April 17, 2014 As most employers are aware, the federal government has released a good deal of guidance related to various provisions
More informationHIPAA Audits Are Here!
HIPAA Audits Are Here! How to prepare for and what to expect when OCR comes knocking May 12, 2016 James B. Wieland, Principal, Ober Kaler Emily H. Wein, Principal, Ober Kaler David Holtzman, VP of Compliance,
More informationLessons Learned from HIPAA Audits
Lessons Learned from HIPAA Audits October 29, 2012 Tony Brooks, CISA, CRISC Partner - IT Assurance and Risk Services HORNE LLP AGENDA HIPAA/HITECH Regulations Breaches and Fines OCR HIPAA/HITECH Compliance
More informationEHR Incentive Programs Supporting Documentation For Audits Last Updated: February 2013
Overview EHR Incentive Programs Supporting Documentation For Audits Last Updated: February 2013 Providers who receive an EHR incentive payment for either the Medicare or Medicaid EHR Incentive Program
More informationRSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS
RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS Security solutions for patient and provider access AT A GLANCE Healthcare organizations of all sizes are responding to the demands of patients, physicians,
More informationHeather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com
Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually
More informationMeaningful Use Audits. NextGen Physician Consulting Services
Meaningful Use Audits NextGen Physician Consulting Services Agenda Audit Overview Documentation for measures requiring numerator and denominator data Documentation for attestation only measures Security
More informationMeaningful Use Stages 1 and 2 and How to Survive a Meaningful Use Audit. Charles Jarvis, Senior Manager
Meaningful Use Stages 1 and 2 and How to Survive a Meaningful Use Audit Charles Jarvis, Senior Manager Outline Overview Meaningful Use Stage 1 Differences between Stage 1 and Stage 2 Surviving a Meaningful
More informationPatient Privacy and HIPAA/HITECH
Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,
More informationSurviving a HIPAA Audit: What you need to know NOW So you can cope THEN. Jonathan Krasner www.beinetworks.com www.hipaasecurenow.
Surviving a HIPAA Audit: What you need to know NOW So you can cope THEN Jonathan Krasner www.beinetworks.com www.hipaasecurenow.com Healthcare IT Landscape Meaningful Use Incentives Technology Advances
More informationBy Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN
Major Changes to HIPAA Security and Privacy Rules Enacted in Economic Stimulus Package By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN The HITECH Act is the
More information12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule
HIPAA More Important Than You Realize J. Ira Bedenbaugh Consulting Shareholder February 20, 2015 This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record
More informationHIPAA Omnibus Compliance How A Data Loss Prevention Solution Can Help
HIPAA Omnibus Compliance How A Data Loss Prevention Solution Can Help The Health Information Portability and Accountability Act (HIPAA) Omnibus Rule which will begin to be enforced September 23, 2013,
More informationHIPAA Security Risk Analysis for Meaningful Use
HIPAA Security Risk Analysis for Meaningful Use NOTE: Make sure your computer speakers are turned ON. Audio will be streaming through your speakers. If you do not have computer speakers, call the ACCMA
More informationWhat do you need to know?
What do you need to know? DISCLAIMER Please note that the information provided is to inform our clients and friends of recent HIPAA and HITECH act developments. It is not intended, nor should it be used,
More informationThe Advantages and Disadvantages of Having a CEHRT in 2015
Meaningful Use Audits Amy Fehn Law Offices of Fehn, Robichaud & Colagiovanni, PLLC HealthLaw Offices Troy, MI (248) 519-2348 www.healthlawoffices.com Outline Background and Current Status of the Electronic
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ) by and between OUR LADY OF LOURDES HEALTH CARE SERVICES, INC., hereinafter referred to as Covered Entity, and hereinafter referred
More informationThe Medicare and Medicaid EHR incentive
Feature The Meaningful Use Program: Auditing Challenges and Opportunities Your pathway to providing value By Phyllis Patrick, MBA, FACHE, CHC Meaningful Use is an area ripe for providing value through
More informationNationwide Review of CMS s HIPAA Oversight. Brian C. Johnson, CPA, CISA. Wednesday, January 19, 2011
Nationwide Review of CMS s HIPAA Oversight Brian C. Johnson, CPA, CISA Wednesday, January 19, 2011 1 WHAT I DO Manage Region IV IT Audit and Advance Audit Technique Staff (AATS) IT Audit consists of 8
More informationStage 2 Medical Billing and reconciliation of Patients
Making Sense of Meaningful Use: Stage 2 1 Who are we? Purdue Healthcare Advisors (PHA)*, a business unit of Purdue University, specializes in affordable assistance to organizations that share our passion
More informationOIG Security Audit: What You Need To Know
Watch the Replay on YouTube OIG Security Audit: What You Need To Know Executive Series Webinar July 23rd, 2015 Today s Speakers Elana R. Zana Attorney & Author Ogden Murphy Wallace P.L.L.C. ezana@omwlaw.com
More informationSECURETexas Health Information Privacy & Security Certification Program FAQs
What is the relationship between the Texas Health Services Authority (THSA) and the Health Information Trust Alliance (HITRUST)? The THSA and HITRUST have partnered to help improve the protection of healthcare
More informationHow to prepare for an EHR incentive audit
How to prepare for an EHR incentive audit What is an EHR incentive program? The Medicare and Medicaid EHR Incentive Programs provide incentive payments to eligible professionals, eligible hospitals, and
More informationBecome Audit Proof. What You Need To Know To Protect Your Practice
Become Audit Proof What You Need To Know To Protect Your Practice Disclaimer This webinar is based on official guidance by the Centers for Medicare and Medicaid Services (CMS) and the Office of the National
More information