Log in     |    Join

Loading Events

« All Events

  • This event has passed.

2023 Southern California Regional

October 5, 2023 @ 8:00 am - 5:00 pm

The AHIA Regional Seminars provide a forum for Healthcare internal auditors to meet in-person to network and interact with their peers, share internal audit best practices, and strengthen the profession of Healthcare internal auditing. Internal Auditors, Senior Internal Auditors, Compliance Auditors, IT Auditors, Audit Supervisors, Internal Audit Managers, Internal Audit Directors and Chief Audit Executives are welcomed to attend. These sessions are designed to be highly interactive to promote attendee participation and sharing of internal audit best practices. Following this day of sessions, participants will be able to discuss current healthcare internal audit topics, describe different audit approaches and techniques, and list best audit practices.


Sharp Health Plan
8520 Tech Way
San Diego, CA 92123



Auditing Physician Agreements

Speakers: Melaney Scott, Moss Adams
Description: Physician agreements, which encompass on-call agreements, medical directorships, recruitment agreements, etc. are often an area of interest that bridges both compliance and internal audit. Compliance generally focuses on specific regulatory compliance considerations (for example Stark Law); however, there are other operational aspects and processes to include in an internal audit of physician agreements.  In addition, there are two overarching and interrelated aspects to consider when performing an internal audit of physician agreements, contract management and payments.   During this session, we’ll discuss various physician agreements and key elements to be aware of with each.  From an internal audit planning perspective, we’ll explore contract management key risk areas and ideas around the internal audit approach and ways to collaborate with the compliance department.  We’ll also consider key areas related to payments to consider incorporating in an internal audit.  From a proactive perspective, we’ll explore monitoring activities using data that can help identify areas to look into further.

A Modern-Day Look at Auditing Cybersecurity Risks

Speakers: Debbie Lew, Kaiser Permanente
Description: Audit committees face increasingly complex demands and expectations when it comes to cybersecurity. In this session, we will discuss how an internal audit function can help the audit committee with its oversight role, increase coverage to provide assurance given limitations in terms of resources, access to expertise, and influence that might restrict the ability to do so effectively.

Artificial Intelligence

Speakers: Caitlin Holleran, Sharp HealthCare; Chase Franzen, Sharp Healthcare; Lauren Shaw, Senior Manager, Deloitte
Description: To be announced.

Third-party Risk Management Assessments

Speakers: Mark Neu, Renown Health
Description: An enterprise-wide assessment of the day-to-day operations of procurement, contracting, legal, finance, IT Security, and compliance using a best-practices framework was a months-long endeavor that yielded valuable insights to what was working well within the organization and where improvements could be made
.  This session will address the genesis of how this item became part of the Audit Plan, the scoping and kick-off, the challenges experienced during the field work, the review of the final report, reporting results to leadership and the Board, and finally implementing a strategy to address the findings.

Price Transparency

Speakers: Richard Riter, Moss Adams
Description: To be announced.

Front to Back – Revenue Cycle 101

Speakers: Hayley Oakes, Grant Thornton
Description: One of the most common internal audit areas is revenue cycle given the ample risks and opportunities. This session will go into detail on the different aspects of revenue cycle from scheduling to billing and everything in between. This session will also outline the fundamental financial, regulatory, operational, and reputational risks that exist within revenue cycle and how internal audit can assess mitigating actives and provide value add in these areas.

Wizard of Oz – Adaptation for Standard Controls in Healthcare Settings

Speakers: John Lefter and Fridah Kiminya, Kaiser Permanente
Beginning in 2019, Kaiser Permanente Management and Internal Audit Services, under the sponsorship of the Audit and Compliance Committee, have partnered to develop a standardized risk and control template to allow standard controls’ evaluation (Service Area Audits or “SAA”s) across its 39 hospitals, and 622 medical offices located in 8 different markets. This session will walk through the process of creating and implementing an effective SAA process. We will share the history and governance of the project, how we gained buy-in from a multitude of stakeholders, the collaboration with Management to identify and operationalize the scope of work, and lessons learned from our first year of execution.


Chase Franzen, Sharp Healthcare

Chase Franzen is the Vice President of IT Risk Management and Chief Information Security Officer at Sharp HealthCare in San Diego. In his role at Sharp, Chase oversees IT security architecture, engineering, operations, security training and awareness, IT governance, risk & compliance, and identity & access management.
Prior to joining Sharp HealthCare, Chase held multiple technology leadership positions in Banking and Finance including Vice President, Investment Banking Capital Markets Technology and Vice President, Enterprise Information Security at Wells Fargo. Over the years, he has additionally founded a small handful of businesses in the restaurant, real estate, and technology services sectors.
Chase has a BA in Economics from the University of Minnesota and an MBA from the Carlson School of Management. In his spare time, Chase is an avid pilot and flight instructor, sailor, scuba diver, and endurance sports junkie – having completed several Ironman races, multiple-day bike races, 100-mile ultramarathons, and a double Ironman in the mountains of Wales. He loves off-the-beaten-path world travel and eating the most interesting foods one can find.

Caitlin Holleran, Sharp HealthCare

Caitlin is the CCO for Sharp HealthCare where she leads the strategic development and execution of compliance and privacy programs. She takes pride in developing highly effective tools and resources that empower Sharps 19,000 employees and 3,000 affiliated physicians to act ethically and in accordance with regulatory requirements. Prior to Sharp, Caitlin was a leader in Deloitte’s health care practice, and spent years supporting prominent health care systems, health plans and biotech organizations manage risk, improve operations, and meet compliance obligations.  She has significant experience leading and managing projects in the areas of regulatory compliance, assurance, and healthcare operations transformation. In her free time, Caitlin and her family enjoy hiking, mountain biking, skiing, beach days, and when not in a pandemic, traveling.


Fridah Kiminya, Kaiser Permanente

Fridah has been with Kaiser Permanente (KP) Internal Audit for eight years. She leads audits in Care Delivery Operations including areas such as Nursing and Quality. Prior to joining KP she started her career in public accounting performing operational and financial audits as well as SOX compliance work.



John Lefter, Kaiser Permanente

John is the Director of Internal Audit responsible for KP’s Enterprise Business Services portfolio. He has been in healthcare internal audit for 11 years, in the internal audit profession for over 15 years, and has started his career in public accounting performing IT, operational and financial audits and SOX compliance work for over 5 years.



Debbie Lew, Kaiser Permante

Debbie Lew currently serves as Chief Audit Executive, Kaiser Permanente (KP). She provides leadership to the department to execute the right work in partnership with clients and other risk management units to add value to the organization. Prior to KP, she was a Managing Director at Ernst & Young (EY).  During her 14 years at EY, she served in the assurance, advisory and the national healthcare risk practices.
Debbie has held several volunteer leadership roles within the Information System Audit and Control Association (ISACA) including Los Angeles chapter president, the COBIT Steering Committee, credentialing task force to develop the CRISC certification for IT risk practitioners, the Audit Committee, and a director on the global ISACA board.  She was also a member of the Institute of Internal Auditors’ IT Guidance Committee. She currently serves on the advisory board of California State University, Northridge and on Cal Poly Pomona’s Cybersecurity Advisory Council.

Mark Neu, Renown Health

Mark Neu serves as the Chief Compliance Officer at Renown Health in Reno, Nevada.  Internal Audit reports to Compliance at Renown.  Renown Health is an integrated health system that includes a Level 2 Trauma center, a children’s hospital, a hospice, home health, a multi-specialty medical group, a health plan, an ACO REACH program, and an affiliation with the University of Nevada, Reno School of Medicine.  Prior to joining Renown, Mr. Neu was the Compliance Officer for Alta Hospitals in Los Angeles. Prior to Alta, Mr. Neu was the Vice President of Compliance, Audit and Legal for Palomar Health in San Diego.   Mr. Neu has also held leadership roles in compliance at the University of California San Diego Health System, and Tenet Healthcare.



Hayley Oakes, Grant Thornton

As a Senior Manager at Grant Thornton, Hayley Oakes is committed to delivering value in abundance to a wide variety of healthcare clients and organizations. Specializing in revenue cycle management, EHR systems, data analytics, and risk management, Hayley has led outsource and co-source clients internal audit programs, enterprise-wide risk assessments, and compliance projects. She has also overseen large scale system implementations as well as revenue cycle redesign and optimization efforts. She enjoys collaborating with clients to determine the right solution and approach to address key organizational risks, meet regulatory and reporting requirements, and identify operational efficiencies.



Richard Riter, Moss Adams

Melaney Scott, Moss Adams

Melaney Scott has over 20 years of combined experience in all facets of GAAP accounting, finance, and auditing. She has experience auditing based on COSO, GASB, GAAS, GAGAS, and IIA standards. Specific experience includes managing the planning, preparation, and execution of risk based financial, federal (Uniform Guidance – Single Audit, regulatory compliance, HIPAA, 340B Drug Pricing Program) audit programs, covering contracting, operational, and financial related audits; leading day-to-day activities of audit teams on complex and multiple audits to ensure audit objectives are met. Her expertise includes physician compensation, policy and procedure review and development, data analytics, procurement to payment cycle, payroll, joint venture agreements, HIPAA Privacy and 340B Drug Pricing Program assessments and program development.


Lauren Shaw, Senior Manager, Deloitte


  • Christy Decker-Weber, VP of Internal Audit Services, Sharp HealthCare
  • Stacy Stelzriede – National Practice Leader, Hospitals and Health Systems
  • Mary Wright – Health Care Hospital and Health Systems Partner
  • Tyler Ribail – Health Care Internal Audit and Regulatory Compliance Senior

Thank You To Our Sponsor 

My alt text


October 5, 2023
8:00 am - 5:00 pm


Sharp Health Plan 8520 Tech Way San Diego, CA 92123
Sharp Health Plan 8520 Tech Way
San Diego, CA 92123 United States
+ Google Map