It looks like you're using Internet Explorer 11 or older. This website works best with modern browsers such as the latest versions of Chrome, Firefox, Safari, and Edge. If you continue with this browser, you may see unexpected results.
The Auditors Are Coming: How to Prepare for an OCR Audit (28:41)All health care practitioners now face HIPAA-HITECH enforcement. Many experience the HITECH-mandated Office for Civil Rights (OCR) audits as intimidating, nerve-racking, and in other ways stressful. This program empowers practitioners with vital information as they prepare for the inevitable audit. Attorney James M. Barclay provides an insightful look at the OCR audit process by covering the following topics: reasons for self-audits, sources that generate an audit, how to form an audit team (and who should be on it), the categories of an audit, what the audit team will look for, the steps involved in conducting an audit, documentation requirements, and the review process of an OCR audit. Finally, Barclay walks viewers through one portion of an actual OCR audit.
The Case for HIPAA Risk Assessments (38:05)A comprehensive security risk assessment is an important and necessary strategy for health care organizations in identifying gaps in their privacy and security environments. Though risk assessments alone do not directly mitigate data breaches, they can help to significantly decrease risk exposure by enabling an organization to know exactly where its protected health information resides and how it is handled. This program covers the reasons for a HIPAA risk assessment, explores both HITECH and HIPAA enforcement, and considers real-world examples of mistakes made by covered entities and what it cost them.