Drew Williamsen

Privacy Officer & Compliance Investigator , University Health

Drew Williamsen serves as the Privacy Officer & Compliance Investigator for University Health, a non-profit organization, with its primary location in Shreveport, Louisiana. University Health is the hospital and clinical partner to LSU Health Shreveport medical school. In this role, Mr. Williamsen oversees the privacy program at two hospitals and numerous associated clinics in Northern Louisiana. Working in the Compliance Department, Mr. Williamsen, along with Privacy, is also involved in in activities related to Fraud & Abuse, Stark, False Claims, Anti-Kickback, EMTALA, Provider Based Billing Rules, Research, and everything else related to compliance.

Mr. Williamsen has over 10 years of experience in various roles in the healthcare industry, from billing and collections, software, medical informatics and compliance. Most of which has been through working for Academic Medical Centers.

Mr. Williamsen has a Master’s of Healthcare Administration from Oklahoma State University, a Master’s Certificate of Healthcare Corporate Compliance from The George Washington University, and a Bachelor’s Degree in Mass Communication from The University of Utah. He is also Certified in Healthcare Compliance from the Healthcare Corporate Compliance Association (HCCA).

Privacy Risk Analysis

Many organizations focus their HIPAA Risk Analysis on the Security side, and rightfully so. In this day and age, security should be a high priority, but often Privacy gets left out. In this webinar, you will be taught how to conduct your Privacy Risk Analysis so by the time you are done, your Privacy Risk Analysis can stand up to an audit. This will include all the steps through the process to ensure you have a conducted a thorough analysis. The National Institute of Standards and Technology (NIST) has released guidance on conducting a Privacy Risk Analysis. We will go through the guidance and ensure you have the tools to start your own Privacy Risk Analysis.

Conducting a Breach Investigation

The Health Insurance Portability and Accountability Act of 1996, otherwise known as HIPAA, has requirements for Healthcare Covered Entities to conduct a Breach investigation when a patient’s record has been compromised. In order to meet the requirements of the Federal Government, each organization has to conduct a Breach Investigation. Sometimes, there is grey area as to whether or not a situation is or is not a breach, but the law is very clear.

Writing Effective Policies and Procedures

Most organizations don't take the time to assure that their policies and procedures are effective. Meaning, the policies are followed, enforced, and most importantly, that the policies are read by the employees. Knowing how to create effective policies is a process, and usually involves more than one person. The process starts at the top of the organization and goes all the way through to the front line staff. Getting buy-in from administration and human resources are essential, but not enough. The policies have to be understood by every level of intelligence within an organization. Once a policy is written, you aren't done; getting a policy put into an employee handbook is really just the beginning of the process to ensure its effectiveness. This webinar will discuss the process most policies should take and what is critical to be included in every policy.

EMTALA - Emergency Medical Treatment and Active Labor Act explained

In this webinar, we will look the Emergency Medical Treatment and Active Labor Act and go over requirements for hospitals under the law. There is much to do for a hospital to be compliant with the law, and discuss what is and is not a violation. We will also look at investigating an EMTALA event and what is required.