In 2012, the HHS Office for Civil Rights (OCR) is piloting a program to perform as many as 150 audits of covered entities to assess privacy and security compliance as mandated by the HITECH Act. The proactive audits will be focused on assessing whether each covered entity: (1) has comprehensive policies and procedures that address critical requirements of the HIPAA Privacy and Security Rules; and (2) has implemented these policies and procedures through routine operations in a manner consistent with the Rules.

While the audit program for 2012 affects a small percentage of covered entities, there are indications that the audits will continue beyond 2012. There are incentives in the HITECH Act that allow OCR to retain any settlement amounts or penalties resulting from privacy and security enforcement. The continuation of this audit program may be a prime candidate for the allocation of such funds. OCR’s initial statements regarding business associates and issue-focused audits suggest plans for future audits beyond 2012.

Given the potential impact, all covered entities should prepare to demonstrate evidence of compliance and maintain an “audit-ready” state. Join us for a live web demonstration of Compliance 360 that will feature:

• Up-to-date repository of HIPAA Privacy and Security rules with background analysis, best practices, audit questionnaires, remediation tasks, and suggestions provided by healthcare subject matter experts.
• Built in workflow that automates activities related to assignments, collaboration, revisions, reviews, and approvals using processes that are consistent for all Compliance 360 applications.
• Questionnaire-driven as well as free-form assessment methodologies with automatic distribution of assessments to multiple employees and business partners as needed.
• Automation of the management of corrective action plans for areas identified as having compliance gaps.
• Complete life cycle management of policies and procedures including workflow automation for policy authoring, collaboration, reviews, and approvals.
• Central repository for managing, organizing, and tracking business associates and related contracts and BAAs. Ability to conduct risk assessments of business associates.
• Management of the investigation of HIPAA related incidents including data collection, tracking incident information, follow-ups, corrective actions and outcomes.
• Linking of relevant evidentiary documentation such as policies and procedures, corrective actions, investigations, monitoring results and controls to HIPAA requirements for compliance audits.

Who Should Attend

• Chief Privacy Officer
• Chief Compliance Officer
• General Counsel
• Chief Audit Executive
• CEO, CFO
• Chief Information Officer
• Chief Risk Officer

Please note, this product demonstration contains sensitive information and is available for verifiable organizations only. You must use your business email address to register. Consultants/Legal Advisers wishing to gain access should contact us for special logins. Thank you for understanding.

Business Email Required

Or Click HERE to Register

DATE:	January 19, 2012
TIME:	2:00 - 3:00pm ET
COST:	FREE

Please convert to your local time zone