By Sondra Hornsey
Those of us in Privacy will get to experience what our peers in other areas of compliance have been managing for years – formal government audits. With Phase 2 of the OCR Enforcement audits a kicking off, HIPAA Privacy and Security Officers need to evaluate their programs and start their prep work to ensure audit readiness. Policy and procedure reviews, ability to demonstrate compliance with supporting lists, breach notification template, and an up to date security risk assessment with your mitigation plan are all critical components. Involve your organization compliance officer and key leadership in your audit prep activities and be ready!