skip to main content


OCR Audits Phase 2 With Real Life Experience - How to Navigate?

New England Healthcare Internal Auditors Conference 2016

November 30 - December 2, 2016

Speakers: William J. Roberts, Stephanie M. Gomes-Ganhão

November 30 - December 2, 2016

New England Healthcare Internal Auditors
Annual Compliance and Audit Conference

In March of 2016, the United States Department of Health and Human Services Office for Civil Rights (“OCR”) launched “Phase II” of its HIPAA compliance audit program.  The purpose of these audits is to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules and both covered entities and business associates may be subject to them.  While these audits are primarily be desk audits,  some on-site audits are being conducted. This presentation will provide an overview of the audit process, a look back at the Phase II audit period, and provide practical solutions and best practices for preparing for and handling an OCR HIPAA audit.  The presentation will also consider how to interact with OCR and the implications an audit may have for a health care organization.

© Shipman & Goodwin LLP 2020. All Rights Reserved.