Tel: 847-707-5865
e-mail: margret@margret-a.com

Regulatory Qualifications

Regulatory and Accreditation Compliance Qualifications

Margret\A Consulting

Click on one of the links below or scroll down on the page to read about our Regulatory and Accreditation Compliance Qualifications.

Representative Client Engagements Related to HIPAA for Providers

  • For a reference laboratory, provide evaluation and training relative to use of personal health information for quality assurance, research, and commercial product development.
  • For a community hospital in the Midwest, provided orientation to HIPAA security risk analysis process, provided risk analysis inventory and documentation tools, and helped build an effective security risk analysis team.
  • For an inner-city hospital in the Midwest, reviewed recently conducted HIPAA security assessments and provided prioritization for budgeting.
  • For a consortium of Native American tribes in the Northwest, provided a HIPAA self-assessment and on-site validation of two sample assessments.
  • For a university medical school faculty and academic medical center in New England, provided HIPAA remediation services in the form of privacy and security task prioritization, policy and procedure document development, review of educational materials, and transactions preparedness support for small clinics.
  • For an integrated delivery system serving the northern half of two Midwest states, provided HIPAA training for executives, physicians, and managers; conducted a HIPAA readiness assessment for all major hospitals, sample of small hospitals, and sample of clinics; developed a project plan, resource guide, and timeline; and performed comprehensive document review. Currently conducting a transactions data gap analysis, privacy and security document development, and quarterly independent verification and validation.
  • For a “top-100” hospital system, provided HIPAA training; conducted readiness assessment for consolidated data center, business office, health information management, and physician office management; facilitated project planning; and performed comprehensive document review for HIPAA compliance.
return to the top

Representative Client Engagements Related to HIPAA for Health Plans and Clearinghouses

  • For a county-organized health system that provides a locally managed healthcare program to Medicaid beneficiaries, conducted HIPAA readiness assessment, risk analysis, and budget for HIPAA remediation.
  • For a healthcare switching service, conducted a risk analysis of the use of PKI versus other forms of entity authentication for the Internet exchange of transactions from providers to health plans.
return to the top

Representative Client Engagements Related to HIPAA for Vendors, Suppliers, and Associations

  • For a business associate (call center) of a major payer, provided a comprehensive HIPAA privacy and security assessment, educational programming, and policy and procedure development.
  • For a hybrid entity, including a clearinghouse, popular interface engine supplier, and care management services conducted a HIPAA security assessment, delivered HIPAA privacy and security training for all staff, and developed policies and procedures for both its covered entity and business associate functions.
  • For an offshore software development company, evaluated HIPAA as a potential market; explored joint venture for creating an automated data gap analysis tool.
  • For an association of financial services internal auditors, provided a side-by-side comparison of HIPAA and GLBA.
  • For an association of health plans and a consortium of medical specialty societies, developed transactions and code sets tool kits.
return to the top

Client Engagements Related to HIPAA for Federal, State, and Local Government

  • For San Mateo Country, California, participated in a covered entity analysis and provided a HIPAA privacy assessment for all covered components.
  • Keynote speaker at HIPAA Forum and strategy session for Orange County Health Care Agency, Orange County Medical Association, Health Care Association of Southern California, and Coalition of Orange County Community Clinics.
  • Provided expert testimony on current practices and costs associated with implementing HIPAA privacy consent requirement for the U.S. General Accounting Office (publication GAO-01-584).
return to the top

Recent Compliance Presentations and Publications

  • “Mobile Device Security Toolkit” in “Laptop and Other Mobile Devices Security for Lawyers,” with Alan Goldberg, Bill Freivogel, John Parmigiani, and Tom Walsh, American Health Lawyers Association, September 20, 2006, audio conference
  • “Ongoing Compliance Assurance: Internal Assessments and Independent Verification and Validation that P&S P&P are Followed,” with Steve Lazarus, HIPAA Summit 12, April 10, 2006, Baltimore, MD
  • “Understanding the HIPAA Enforcement Rule,” with Susan Miller, HC Pro, March 21, 2006, audio conference
  • “Electronic Scripts, ePrescribing and eDrug Labels,” with Alan Goldberg, Food and Drug Law Institute, February 17, 2006, audio conference
  • “ePrescribing: CMS $ OIG Proposed Rules, Technology and Drafting Documents,” with Alan Goldberg and Jodi Daniel, American Bar Association, December 7, 2005, audio conference
  • “More on HIPAA, . . . and Beyond,” Medical Economics, February 26 (Fort Lauderdale, FL), October 7 (Baltimore, MD), November 12, 2005 (Boston, MA)
  • “Tackling the Challenges of HIPAA, Annual Conference, American Health Information Management Association, October 2005
  • “Putting the Finishing Touches to Security – Are You Ready?” Journal of AHIMA 76, no.4 (April 2005): 56-57
  • “Reporting Security Incidents,” Journal of AHIMA 76, no.3 (March 2005): 60
  • “HIPAA Security for the American Academy of Dermatology,” February 21, 2005
  • “Making Amendments Meaningful,” Journal of AHIMA 76, no.2 (February 2005): 60-61.
  • “Access Controls: Striking the Right Balance,” Journal of AHIMA 76, no.1 (January 2005): 56-57.
  • Amatayakul, Margret, Guide to HIPAA Auditing: Practical Tools and Tips to Ensure Compliance, HCPro, Inc. 2004.
  • Amatayakul, M, “Security Awareness: The Right Messages,” Journal of AHIMA, April 2004, pages 56-59.
  • Amatayakul, M, “A Primer on Network Security,” Journal of AHIMA, March 2004, page 56
  • Amatayakul, M and MR Cohen, “Ongoing Compliance,” ADVANCE for Health Information Executives, March 2004, page 16.
  • Amatayakul, M and S Lazarus, Complete Guide to HIPAA Security Risk Analysis, New York: Brownstone Publishers, 2004.
  • Amatayakul, M. S Lazarus, T Walsh, and C Hartley, Handbook for HIPAA Security Implementation, Chicago: AMA Press, 2004
  • Amatayakul, M. Guide to HIPAA Auditing: Practical Tools and Tips to Ensure Compliance, Marblehead, MA: HCPro, Inc., 2004
  • Amatayakul, M. and SS Lazarus, “Advanced Strategies in HIPAA Security Risk Analysis,” HIPAA Summit 8, Baltimore, MD, March 7, 2004.
  • Cohen, MR and M. Amatayakul, “Evolving Corporate Roles,” ADVANCE for Health Information Executives, February 2004, page 18.
  • Amatayakul, M, “Securing Executive Support for Security,” Journal of AHIMA, February 2004, pages 58-59.
  • Amatayakul, M, “Controlling Your High-Tech Security Shopping List,” Healthcare Financial Management, February 2004, pages 86-87.
  • Amatayakul, M, “Finding Quality HIPAA Security Resources,” Journal of AHIMA, January 2004, pages 58-59.
  • Cohen MR and M Amatayakul, “Freeware: Be Aware,” ADVANCE for Health Information Executives, January 2004, page 53-54.
  • Cohen, MR and M Amatayakul, “Your Security Arsenal,” ADVANCE for Health Information Executives, December 2003, page 12.
  • Amatayakul, M, “Rethinking Initial HIPAA Efforts,” Journal of AHIMA, November/December, 2003, pages16A-16D.
  • “What’s New in IT Strategic Planning,” First Illinois Chapter, HFMA, November 20, 2003, Oak Brook
  • Amatayakul, M, “Leveraging HIPAA to Improve IT Planning, Healthcare Financial Management, November 2003, pages 88-89.
  • Amatayakul, M and MR Cohen, “Leveraging HIPAA for IT Planning, ADVANCE for Health Information Executives, November 2003, page. 16.
  • “Claims and Code Sets: Old and New,” (with Teri Jorwic), AHIMA Annual Conference, October 19, 2003, Minneapolis
  • Amatayakul, M and MR Cohen, “Risk Analysis and Management,” ADVANCE for Health Information Executives, October 2003, page 20.
  • Amatayakul, M, “HIPAA Reins in Shadow Charts, Independent Databases, Journal of AHIMA, October 2003, pages 16A-16C.
  • Cohen, MR and M Amatayakul, “Leveraging HIPAA,” ADVANCE for Health Information Executives, September 2003, page 16.
  • Amatayakul, M, “Due Diligence in Moderation: Disclosing PHI,” Journal of AHIMA, September 2003, pages 16A-16D.
  • Amatayakul, M and MR Cohen, “Contingency Planning for HIPAA Transactions, Healthcare Financial Management, August 2003, pages 100-101.
  • Cohen, MR and M Amatayakul, “Electronic Signatures,” ADVANCE for Health Information Executives, August 2003, page 16.
  • “Best Practices: YOUR Involvement in HIPAA Transactions, Code Sets and Security Compliance,” California Health Information Association, August 19, 2003 (Los Angeles) and August 20, 2003 (Oakland)
  • “Ready for the Transactions Rule? Get Started with Code Sets,” (with Teri Jorwic, RHIA, CCS and Rita Scichilone, RHIA, CCS, CCS-P, CHC) HIPAA on the Job, Journal of AHIMA, Vol. 74, No. 7, July-August 2003.
  • “Simplifying HIPAA’s Transactions and Code Sets,” Institute for International Research, June/July 2003, Chicago, Denver, Los Angeles, Philadelphia.
  • Cohen, MR and M Amatayakul, “Freeware for Security,” ADVANCE for Health Information Executives, July 2003, page 18
  • Amatayakul, M and MR Cohen, “Use of Security Technology,” ADVANCE for Health Information Executives, June 2003, page 22.
  • HIPAA Transactions and Code Sets Toolkit for Physicians and Other Providers of Professional Healthcare Services (Second Edition), distributed to members of Blue Cross and Blue Shield Association, American Academy of Pediatrics, and American College of Physicians-American Society for Internal Medicine
  • Amatayakul, M, “Translating the Language of Security,” Journal of AHIMA, June 2003, pages 16A-16D.
  • “Advanced Strategies for Complying with the HIPAA Workforce Training in Covered Entities’ Privacy and Security Policies and Procedures,” (with Steve Lazarus, PhD, Keith Korenchuk, JD, Paul Smith, Esq.) HIPAA Summit West, June 5, 2003, Seattle
  • “Tough Questions? Scripts Provide Easy Answers,” HIPAA on the Job, Journal of AHIMA, Vol. 74, No. 5, May 2003.
  • “HIPAA Compliance: Have You Completed A Risk Analysis?” (with Steven S. Lazarus and Tom Walsh), Healthcare Financial Management, May 2003.
  • “HIPAA Security,” (audio conference), HC Pro, May 8, 2003
  • “Practical Advice for Effective Policies, Procedures,” HIPAA on the Job, Journal of AHIMA, Vol. 74, No. 4, April 2003.
  • Cohen MR and M Amatayakul, “IT Governance and Security,” ADVANCE for Health Information Executives, April 2003, page 18.
  • “Are You Ready to Start Privacy Compliance?” ADVANCE for Health Information Professionals, April 14, 2003.
  • “The Key to a HIPAA-safe Computer System,” (quoted), Medical Economics, April 11, 2003.
  • “Do Your Homework,” (with Michael R. Cohen), HIPAA Corner, ADVANCE for Health Information Executives, March 2003.
  • “For PHI Peace of Mind, Be Kind and Remind,” (quoted) Eli’s HIPAA Training Alert, Volume 2, Number 3, March 2003.
  • “Think You’re Ready? Don’t Forget the Self-insured Health Plan,” HIPAA on the Job, Journal of AHIMA, Vol. 74, No. 3, March 2003.
  • “HIPAA Training” (with Steven S. Lazarus, PhD), Sixth National HIPAA Summit, March 28, 2003, Washington, DC
  • “TCS Testing,” (audioconference with Michael R. Cohen), HC Pro, March 20, 2003
  • Amatayakul, M, “Taking an IT ‘Go-Live’ Approach to HIPAA Readiness,” Healthcare Financial Management, February 2003, pages 86-90.
  • “Avoiding Regulatory Paralysis,” (with Michael R. Cohen), HIPAA Corner, ADVANCE for Health Information Executives, February 2003.
  • “It’s Third and Long,” (with Michael R. Cohen), HIPAA Corner, ADVANCE for Health Information Executives, January 2003.
  • HIPAA Transactions Made Simple: Achieving the Benefits of EDI (with Michael R. Cohen), Marblehead, MA: Opus Communications, 2003.
  • HIPAA Made Simple: A Guide to Fast-Tracking Compliance, Second Edition, Marblehead, MA: Opus Communications, 2003.
  • “On the Fast Track to Privacy Rule Compliance,” HIPAA on the Job, Journal of AHIMA, Vol. 74, No. 2, February 2003.
  • “Taking an IT ‘Go-Live’ Approach to HIPAA Readiness,” Healthcare Financial Management, February 2003.
  • “Standard Transactions and Data Code Sets,” CMHC, January 13, 2003, Columbus
  • “HIPAA Compliance: Stop Spinning Your Wheels,” (quoted) ADVANCE for Health Information Professionals, January 6, 2003.
  • “Will HIPAA Allow Wireless?” by Adam Stone (quoted) 802.11 Planet, January 5, 2003
  • “Another Layer of Regulations: Research Under HIPAA,” HIPAA on the Job, Journal of AHIMA, Vol. 74, No. 1, January 2003.
return to the top