One of the lessons learned coming out of The Office for Civil Rights (OCR) HIPAA Audit Program is the we must understand where our ePHI is and what our team members and business partners are doing with it. Operational practices and controls must safeguard every record, all the time. Audit controls must be designed and documented to account for ePHI and what activities around that ePHI need to be monitored, internally and with our business associates. Most healthcare organizations have yet to make the leap to this new level of performance.
What will likely emerge in the omnibus rule related to breach notification, HIPAA enforcement and HITECH’s changes to the HIPAA privacy and security rules that may raise the bar even higher?
This 60-minute webcast will provide insight and knowledge that:
1. Enumerates the lessons learned from the OCR HIPAA Audit Program through the experience of one of the “First 20″ audited organizations
2. Defines healthcare’s continuous compliance challenge for privacy and security and the potential impact of the omnibus rule
3. Establishes the business case for evaluating technologies that contribute to continuous compliance
Mac McMillan CEO, CynergisTek and Chair, HIMSS Privacy and Security Policy Task Force