HIPAA implementation should be grasped from an insider’s perspective

Carrying out HIPAA implementation is something a Covered Entity or a Business Associate has no choice about. To carry out this mandatory activity, the most important requirement is getting a proper grasp of how to carry out HIPAA audits. As is known in the industry circles, carrying out HIPAA audits is a big task for even the most seasoned professional in the healthcare industry. 

The main reason for which Covered Entities and Business Associates consider HIPAA implementation difficult is because of the nature of HIPAA audits. HIPAA contains words that are subjective and confusing. So, getting a grasp of the nuances and subtexts and their intended meanings is very essential for a Covered Entity and a Business Associate in order to get their HIPAA implementation right.

Varied kinds of penalties

When one takes a look at the kind of penalties imposed already in 2017; the need for understanding how to get HIPAA implementation right becomes all the more acute. As recently as in the last week of April 2017, the OCR announced a HIPAA settlement of the order of $ 2.5 million on CardioNet, a Pennsylvania-based provider of remote mobile monitoring and rapid response to patients with cardiac issues. 

Its fault: it did not take sufficient care to prevent an employee’s laptop, which contained the health records of nearly 1400 patients, from getting stolen. The investigation by OCR concluded that CardioNet had not carried out Risk Analysis properly and had not put the right risk management processes in place at the time the theft took place. This is just one instance of an entity not taking the required steps for HIPAA implementation. There are many others that have attracted similar and even higher penalties for a variety of reasons.

OCR has been tightening HIPAA implementation audits

All these apart, the allocation in the federal budget for the office of civil rights has gone up by 10 percent for 2017 over the previous year. What does this mean? It makes the OCR’s scrutiny and vigilance of Covered Entities and Business Associates even tighter than it was before, since the OCR has announced that it will be using these extra resources to improve and streamline the tools they use for vigilance and to also adapt newer, more advanced technologies into healthcare IT infrastructure. 

All these actions are the result of the reinvigorated Phase 2 HIPAA audits, which the OCR started in March 2016.

Get trained on how to get HIPAA implementation right

A look at all these cases makes it clear that it is absolutely necessary for Covered Entities and Business Associates, as well as all those involved in one or another way with HIPAA audits, such as Practice Managers, Business Associates who work with medical practices or hospitals (namely billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc.), and MD’s, and other medical professionals, to get all the aspects of their HIPAA implementation completely right. 

The in-depth knowledge needed for understanding and getting HIPAA audits right is the learning outcome of a webinar from MentorHealth, a leading provider of professional trainings for the healthcare industry. Brian L Tuttle, a senior Compliance Consultant & IT Manager at InGauge Healthcare Solutions, will be the speaker at this webinar, to enroll for which, all that is needed is to visit 

https://www.mentorhealth.com/control/w_product/~product_id=801002?/Linkedin_SEO

 As someone who has been on both sides of the audits, Brian will explain the way real life audits are conducted by the federal government for phase 2 and beyond. He will explain just what the highest risk factors for non-implementation are, some of which may even cause people to chuckle. He will explain what practice or business managers or compliance officers need to do if they have to get their HIPAA audits right. Also taken up will be the major changes under the Omnibus Rule and any other applicable updates for 2017.

Brian will mainly seek to clear the misconceptions and myths about this often misunderstood law. He will teach participants the way to put a HIPAA compliance program in place. He will also explain the dos and don'ts of HIPAA Omnibus, among many other issues related to this topic. 

The following areas will be covered at this session:

o      Updates for 2017

o      Requirements of Compliance Officers

o      Audit Process

o      What can cause an audit

o      How to avoid audit

o      What to do in the event of an audit

o      How to speak and deal with Federal auditors

o      Risk Assessment

o      Best resources.