HIPAA Audits – an Insiders Perspective
Brian L Tuttle, CPHIT, CHP, CHA, CBRA, CISSP, CCNA
Brian L Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 18 years’ experience in Health IT and Compliance Consulting. With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 18 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr. Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR. Almost all of Brian’s clients are earned by referral with little or no advertising. Brian is well known and highly regarded in medical circles throughout the United States for his quality work and down-home southern charm.
Mr. Tuttle has a Master’s Degree in Health Sciences from Georgia State University and works nationally out of Kennesaw, GA with his wife Tiffany and two rescue dogs Willie and Butter Bean.
I will be speaking to real life audits conducted by the Federal government for Phase 2 and beyond (I’ve been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). It seems almost daily I am receiving calls from nervous practice managers and compliance officers all over the USA regarding a HIPAA audit letter or call they have received. This lesson will be addressing how to practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2018.
The primary goal is to ensure everyone is well educated on what is a myth and what is a reality with this law, there is so much misleading information all over regarding the do’s and don’ts with HIPAA – I want to add clarity for compliance officers and practice managers. I will uncover myths versus reality as it relates to this very enigmatic law based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. In addition, this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. – MAJOR RISKS HERE – I will discuss real-life cases I have been a part of and how to avoid being dragged into litigation altogether.
- Updates for 2018
- Requirements of Compliance Officers
- Audit Process
- What can cause an audit
- How to avoid an audit
- What to do in the event of an audit
- How to speak and deal with Federal auditors
- Risk Assessment
- Best resources
Who Should Attend
- Practice managers
- Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc)
- MD’s and other medical professionals
- Private practice
- Billing companies
- Transcriptions companies
- Home health groups
- Health insurance
- IT companies
Why Should You Attend
- Be prepared for the imminent Federal audit
- Protect your practice or business
- What factors might spurn a HIPAA audit? …are you doing these things?
- Why are the Feds enforcing after all these years?
You need to know how to avoid being low hanging fruit in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT or internal administrative practices. Court cases that are also changing the landscape of HIPAA and patient’s ability to sue.
TRIAL ATTORNEYS ARE JUST AS DANGEROUS AS THE FEDERAL GOVERNMENT THESE DAYS!!
- Do you have an effective HIPAA compliance program?
- New laws and funding mean an increased risk for both business associates and covered entities
- HIPAA Omnibus – Do you know what’s involved and what you need to do?
- What does Omnibus mean for covered entities and business associates?
- Why should you be concerned?
It is important to understand the new changes going on at Health and Human Services as it relates to the enforcement of HIPAA for both covered entities and business associates as it relates to what we need to do as compliance officers.