7 Steps To Pass, Or Better Yet Avoid, An OCR Security Audit | AdvancedMD

Features Navigation

Live Chat (800) 825-0224 Live Demo

← Back

7 steps to pass, or better yet avoid, an OCR security audit

Uncategorized

Troy Young, chief technology officer at AdvancedMD and a cybersecurity expert, offers IT and infosec professionals some useful advice to help manage the potential of HIPAA audits.

for auditing and enforcing compliance with the HIPAA security and privacy regulations, as well as the additional rules and clarifications contained in HITECH.

OCR enforces privacy and security rules through compliance audits, education and outreach, and subsequent fines or mitigation expenses. OCR also works with the Department of Justice on possible criminal violations.

An OCR audit usually is triggered by one of two events: Either a complaint has been filed against the practice by a patient or an internal whistleblower, or the practice has reported a breach to OCR.

“Breaches affecting 500 individuals or more must be reported to OCR, in addition to other reporting requirements,” explained Troy Young, chief technology officer at AdvancedMD, a medical office platform vendor.

“However, there’s no direct correlation between the magnitude of a breach and OCR’s fine,” said Young, who recently completed a master’s degree in cybersecurity from Utah Valley University.

Continue reading the article featured in Health IT News.



Topic: Uncategorized


Other Resources Related to This Topic


Uncategorized

Experts answer your HIPAA compliance and 405(d) questions

In this recorded webinar, we’ll highlight changes to HIPAA regulations and highlight best cybersecurity practices....

Uncategorized

HIPAA Security and Privacy Compliance in 2022: What You Need to Know

In this recorded webinar, we’ll highlight changes to HIPAA compliance in 2022. You’ll learn about...

Uncategorized

2022 AdvancedMD Spring Release

Come learn about the AdvancedMD 2022 Spring Release. This two-hour recorded educational training session addresses...

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›