Don’t make the mistake of thinking you’re immune to a HIPAA audit, to paying hefty fines, or being charged with significant penalties. The Office of Civil Rights (OCR) on the Health and Human Services’ (HHS) website is full of healthcare organizations that never dreamed they could be found guilty of a HIPAA violation – and yet they were.
It doesn’t matter what size you are (i.e. hospital system or solo-practitioner), what state you are in, or what specialty you practice. Unless you take action immediately, you are at risk of being selected to undergo a HIPAA audit, which could lead to violations, fines, penalties or even legal action. So trust me, getting audited for HIPAA is not something you want to experience.
And according to HHS, the “I don’t know excuse” isn’t going to fly. In fact, they have specific financial penalties spelled out for the “I didn’t know” defense. But you can get the answers you need to ensure you are protected should you ever receive an Audit Notification. That’s what Brian L Tuttle, CPHIT, CHP, CHA, CBRA, CISSP, CCNA, nationally recognized certified HIPAA auditor, will teach you in his recorded training session.
Being HIPAA compliant is just NOT easy. There are over 44 risk assessments that are being used to measure your HIPAA compliance, and Brian’s program emulates exactly what the Feds are looking for so you can head them off at the pass. Here are some key strategies and information you’ll receive by attending is upcoming webinar:
• Identify your key risk factors and how to resolve them before it is too late
• How to stop an actual audit, even after you’ve received the notice
• Use the Health Information NOT covered by HIPAA to your advantage
• Get your associate contracts in order, without overdoing it
• Train your staff on the necessary standards for e-information without putting them to sleep
• Learn to think like a HIPAA auditor, and avoid costly penalties
The cases below represent HIPAA infractions by a variety of healthcare organizations (i.e. hospitals, private practices, mental health clinics, pharmacies, etc.) in numerous states, and in multiple specialties (proving that anyone can be audited and found guilty of a violation). These are real-life HIPAA violations, that organizations just like yours were charged with include failure to adhere to the minimum standards when leaving patient messages; charging too much for copying patient charts; staff discussing clinical issues in the open, limiting patient access to their records based on their over-due balance, HIV status revealed to employer by accident, etc.
Finally, you may not realize patient complaints are primary drivers of who is going to be audited. This means it is even more critical that you are on your HIPAA “A” game. By watching Brian’s online training session you’ll be able to mitigate your HIPAA compliance risk, you’ll know what the top areas of non-compliance are, what information the Feds are looking for, and how to keep the auditors from knocking on your door in the first place.
There is no doubt that large organizations are being hit with millions of dollars in HIPAA penalties all across the country. But small practices are at risk to. For example, just a few months ago a dermatology practice in Concord, MA agreed to pay a penalty for HIPAA violations of $150,000. And although not all cases result in large fines, the significant stress and hassle of being audited is something you certainly don’t want to experience. Don’t wait, register today.
Brian is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 17 years’ experience in Health IT and Compliance Consulting.
With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 17 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR.
