Netzealous LLC -MentorHealth, Online
2018-01-11
Training Options Duration: 90 Minutes Thursday, January 11, 2018 | 10:00 AM PST | 01:00 PM EST
Overview: Now that the HIPAA rules have been in place for more than a dozen years, the days of
advice and counseling have been replaced by a hard-nosed enforcement attitude, where HHS OCR
is ready to make health care organizations that violate the rules feel some pain for their
actions.
If your organization is not ready, the HIPAA rules have new, significantly higher fines,
including mandatory minimum fines of $10,000 for willful neglect of compliance. In addition,
HIPAA enforcement has taken on a new importance at HHS; officials have publicly stated that
enforcement is now a priority, and that means being ready for an audit or compliance review is
more important than ever.
If you don't take the proper steps to ensure your patients' rights and health information are
being protected according to the HIPAA Privacy, Security, and Breach Notification Rules, you
can be hit with significant fines and penalties. With the increased HIPAA fines beginning at
$10,000 in cases of willful neglect, following the privacy requirements, providing good
information security, and being in compliance are more important than ever.
In this session we will review the HIPAA enforcement actions that have taken place and examine
why the enforcement took place, and what could have been done to prevent the incident that led
to the enforcement. We will look at the requirements that were not met and discuss what HIPAA
entities need to do to ensure that the proper policies, procedures, training, and
documentation of their application are in place to prevent problems and limit the
organization's exposure in incidents.
In this session we will also discuss the HIPAA audit program and how it works, and discuss the
areas that caused the most issues in the 2012 and 2016 audits. We will explore what kind of
issues and what kind of entities had the most problems, and show where entities need to
improve their compliance the most, and also explore the typical risk issues that lead to
breaches of health information and see how those issues may be a target for auditors in the
next round.
We will discuss the HIPAA audit and enforcement regulations and processes, and how they apply
to HIPAA covered entities and business associates. We will explain the recent changes that
increase fines and create new penalty levels, including new penalties for willful neglect of
compliance that begin at $10,000.
The results of prior enforcement actions and HHS audits (and their penalties) will be
discussed, including recent actions involving multi-million dollar fines and settlements. In
addition, new trends in information security risks will be discussed so you can start to plan
for the work you'll need to do to stay in compliance and keep patient information private and
secure.
Why should you Attend: HIPAA enforcement is now a significant reality, and settlements for
violations are being announced more and more frequently. Now, with the increases in breach
reporting and the new random audit program, enforcement of HIPAA is something that every HIPAA
entity and business associate needs to be aware of and prepared for, by examining why prior
enforcement occurred and what could be done to prevent such problems.
HIPAA Compliance requires that you be prepared to handle Protected Health Information properly
and follow the requirements in the HIPAA Privacy, Security, and Breach Notification Rules. If
there is a problem that comes to the surface, through a complaint, breach, or audit, an
enforcement action can result. Enforcement actions include financial settlements that can
reach into the millions of dollars, as well as Corrective Action Plans that can take years to
complete and can cost many times the expense of the monetary settlements.
Violations originated from such simple things as returning copiers to the leasing company
without removing the PHI on the hard drive, moving offices without accounting for hard drives
stored in a closet, and improperly disposing of printed materials, that all could have been
prevented with the implementation of policies and procedures and training on them. Several
settlements for violations involve improper consideration of the requirements in the Security
Rule, which calls for extensive policies and procedures based on an accurate and thorough
entity-wide risk analysis.
Every entity under the HIPAA regulations needs to know why the enforcement actions took place
and what could have been done differently to prevent the violations that led to enforcement,
so they can avoid those issues and their significant impact. Failure to do so can lead to
financial settlements, fines, and/or corrective action plans that can severely impact your
organization.
Areas Covered in the Session: The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to
them) and how their compliance will be evaluated in enforcement circumstances Recent changes to the HIPAA enforcement regulations that increase fines and create new penalty
levels, including new penalties for willful neglect of compliance that begin at $10,000 The information and documentation that needs to be prepared in advance so that you can be
ready for an enforcement review or an audit without notice The results of prior HHS enforcement actions and audits (and their penalties), including
recent actions involving multi-million dollar fines and settlements Questions asked in prior audits and enforcement reviews Identification of weaknesses in organizational compliance Future threats to the security of patient information The importance of a good compliance process to help you stay compliant more easily
Who Will Benefit: Compliance Director CEO CFO Privacy Officer Security Officer HIPAA Officer Chief Information Officer Health Information Manager Healthcare Counsel/Lawyer Office Manager
Speaker Profile Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems,
LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and
security regulatory compliance services to a wide variety of health care entities.
Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the
Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient
of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information
privacy and security compliance issues at seminars and conferences, including speaking
engagements at numerous regional and national healthcare association conferences and
conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.
Sheldon-Dean has more than 30 years of experience in policy analysis and implementation,
business process analysis, information systems and software development. His experience
includes leading the development of health care related Web sites; award-winning, best-selling
commercial utility software; and mission-critical, fault-tolerant communications satellite
control systems. In addition, he has eight years of experience doing hands-on medical work as
a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S.
degree, summa cum laude, from the University of Vermont and his master’s degree from the
Massachusetts Institute of Technology.
Price - $139
Contact Info: Netzealous LLC -MentorHealth Phone No: 1-800-385-1607 Fax: 302-288-6884 Email: support@mentorhealth.com Website: http://www.mentorhealth.com/ Webinar Sponsorship: https://www.mentorhealth.com/control/webinar-sponsorship/
|