Healthcare Compliance Events

Upcoming events


WEBINAR: How to Be Ready to Pass a Surprise COVID-19 Audit

The New Jewish Home in NYC was audited by the Department of Health (DOH) in the middle of the pandemic and passed the audit with excellent results. In this on-demand webinar, Dana Penny, Chief Compliance Officer at The New Jewish Home in NYC discusses how any type of healthcare provider can be prepared to provide excellent documentation should they undergo a surprise audit.

Viewers will learn:

  • Ways to organize and maintain your organization’s pandemic emergency preparedness plan
  • How to apply guidance checklists from the CDC, WHO, HHS, CMS and more
  • How to staff an Emergency Preparedness team and the processes needed to successfully pass an audit and demonstrate regulatory compliance
  • How to apply management tools to assist with planning, documentation and execution

Download presentation   |   Watch video

PRESENTATION: It’s Not Just IT: Why Cybersecurity and Risk Management Needs a Multi-Disciplinary Approach

Cybersecurity and risk management is a responsibility that everyone shares. It requires a top-down approach and commitment shared by every member of the senior leadership team. 

In this presentation, Gerry Blass, President and CEO of ComplyAssistant, and Bob Babin, Director, Strategic Initiatives and Chief Information Security Officer at Saint Peter’s Healthcare System discuss an action plan for developing a multi-disciplinary program that will protect healthcare organizations’ confidential information, brand, information system assets and patient PHI. Using real-world case studies, the presentation will provide strategies and justification for funding a robust, long-term cybersecurity and risk management program.

From this presentation, you will learn how to:

  1. Garner commitment from the entire senior leadership team to build, resource and enforce a cybersecurity and risk management program.
  2. Plan for and properly resourcing a cybersecurity team, and why it should be separate from the IT department.
  3. Identify best practices to create and enforce a cybersecurity policy that works for your organization.

Download presentation

PRESENTATION: Who’s Holding Your PHI? A Strategic Plan to Take Control of Your Security Risk Management

Every healthcare provider, regardless of size or complexity, should have a strategy in place for security risk management. With momentous changes in healthcare technology over the past four decades, protected health information is more valuable now than ever before, making it more vulnerable to breach.

In this presentation, Gerry Blass, President and CEO of ComplyAssistant, and Mike Chirico, former Information Security Officer with New Bridge Medical Center, demonstrate the importance of properly funding and resourcing a security risk management strategy, and propose how healthcare providers can build their own program using action steps.

In this on-demand presentation, Gerry and Mike:

  • Explain how to identify the essential components of a comprehensive security risk management strategy to ensure controls are in place to safeguard protected health information (PHI).
  • Examine best practices, gleaned from real-world examples of healthcare security breaches, for creating and enforcing a security risk management strategy that can work for any organization, regardless of size or complexity.
  • Highlight the various security frameworks available, and how to choose which framework is right for your organization.

Download presentation

WEBINAR: Manage Third Party (BA) Risk by Exception

A significant number of HIPAA breaches are caused by business associates (BAs) and their downstream BAs. What should covered entities (CEs) do to protect themselves, demonstrate due diligence and reduce risk?

CEs are responsible to manage their BAs from both a contract standpoint and an information privacy and security standpoint. And, BAs are responsible to do the same for their own subcontractors (aka downstream BAs).

This webinar includes what CEs and BAs should consider when implementing a functional BA management program, such as:

  • BA inventory organization
  • Criteria to consider for rating a BA’s inherent risk
  • How to effectively administer a large number of BA assessments using an automated approach with exception management
  • Rate assessments based on risk level and documented evidence
  • Assign mitigation action items

Watch video   |   Download presentation

WEBINAR: Third Party Security Risk Management

In this on-demand webinar from ComplyAssistant, hear from a General Counsel, Chief Compliance Officer and Chief Information Security Officer about their challenges and goals for effectively managing their third-party business associate contracts and risk.

In this presentation, you will hear:

  • Operational issues from a legal standpoint in identifying, risk scoring, collaborating with IS, auditing BAs and examples from cases and settlements
  • Partnering with IT and managing BAs from the compliance officer’s perspective
  • Managing BAs from the CISO’s perspective, with special consideration for large, dispersed organizations with a highly mobile workforce

Watch video 

WEBINAR: OCR Phase 2 Audit Protocol

Join Helen Oscislawski, founder of Attorneys at Oscislawski LLC, for this on-demand webinar that reviews the OCR Phase 2 Audit protocols. At the time of this webinar, covered entities had begun to receive requests for information from OCR related to the HIPAA Phase 2 Audits. These requests will form the basis for the final pool of auditees. 

In this on-demand webinar, you will learn how to:

  1. Prepare for an OCR desk audit
  2. Assemble pertinent business associate information
  3. Identify likely focus areas based on recent OCR enforcement activities
  4. Identify common organizational pitfalls
  5. Identify and correct organizational gaps in policies and procedures.

Watch video   |   Download presentation