What is the Government Looking for In a HIPAA Audit

Overview: This lesson will be addressing how practice/business managers (or compliance Overview: This lesson will be addressing how practice/business managers (or compliance 
offers) need to get their HIPAA house in order as HIPAA is now fully enforced and the government 
is not using kid gloves any more. It will also address major changes under the Omnibus Rule and 
any other applicable updates for 2016 and beyond. There are an enormous amount of issues and 
risks for covered entities and business associates these days.
I will speak on specific experiences from over 17 years of experience in working as an outsourced 
compliance auditor as well as working directly with auditors used by Health and Human Services 
and dispel myths vs realities. I will go over steps to take to avoid an audit or survive an 
audit. I have also served as expert witness on legal cases involving HIPAA violations, and I will 
thoroughly explain how patients are now able to get cash remedies for wrongful disclosures of 
private health information (which leads to more audits). 
More importantly I will show you how to limit those risks by simply taking proactive steps and 
utilizing best practices. 
Why should you Attend:
This once relatively benign legislation is being fully enforced and the news is not good for 
covered entities or business associates!Are you on the hot seat for a HIPAA audit? How do you know?Be prepared! Protect your practice or business!What factors might spurn a HIPAA audit?are you doing these things?Why are the Feds enforcing after all these years?We will be discussing some of the changes taking place in Washington with the Health and Human 
Services in regards to the enforcement of the HIPAA laws already on the books and new risks 
specific to business associates I will also be discussing factors might cause an unwanted visit 
or letter from the Office of Civil Rights and how to prepare for the audit and deal with the Feds 
and state laws.
Areas Covered in the Session:HIPAA Audit processRisk FactorsHow to avoid an auditThings to look out for as a business associateFinesMyths vs RealitiesPortable devicesEmailing and textingBusiness associates and the increased burdenBreach notification
Who Will Benefit:Practice ManagersAny Business Associates who work with Medical Practices or Hospitals (i.e. Billing Companies, 
Transcription Companies, IT Companies, Answering services, Home Health, Coders, Attorneys, etc)MD's and other Medical Professionals
Speaker Profile Brian L Tuttle, CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP is a Certified Professional in Health IT 
(CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified 
Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) 
with over 18 years' experience in Health IT and Compliance Consulting. With vast experience in 
health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical 
messaging, etc.) as well as over 18 years’ experience in standard Health IT with multiple 
certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted 
onsite and remote risk assessments for over 1000 medical practices, hospitals, health 
departments, insurance plans, and business associates throughout the United States.