This presentation delivers a very current update on the on-going OCR (Office for Civil Rights) Phase 2 Audit Program. OCR released their extensive and very complex rules and protocols in 2016, as well as initiating the program with hundreds of CE and BA audits. All covered entities (CE) and business associates (BA), literally anyone that accesses, uses or discloses PHI (Protected Health Information), needs to be aware of this on-going audit program.
Under the Phase 2 Audit Program, OCR can potentially review up to 180 different areas (protocols) within the HIPAA privacy, security and breach rules. This presentation reviews the detailed processes and data to be collected by OCR during the audits. The presentation will also address examples of the global set of audit protocols and how to be prepared for an OCR audit. It’s important for all healthcare organization’s covered by HIPAA to be prepared because even if not selected for an OCR audit, any privacy or security complaint could trigger the same types of questions and requests for documentation during the investigation.
The slides themselves will be created from the latest information available about the audit program at the time the slides are due for handout submission. After handout submission, any information that becomes available from OCR or best practice sources will be addressed within the presentation slides delivered to the audience. If the slides do change, audience members will be offered an updated version of the slides if they desire.