Overview: If you handle any electronic patient information, don`t miss this teleconference on compliance with the HIPAA security regulation.
Electronic patient information is everywhere; not only is electronic protected health information in the obvious places such as practice management systems and electronic medical records, but also in less obvious places such as copiers, printers, scanners, cell phones, and portable data devices.
Why you should attend: The HIPAA Security Rule, in place and as proposed in amendments going into effect in 2011, calls for all Covered Entities and Business Associates, and their subcontractors, to be in compliance with provisions protecting all kinds of electronic protected health information. While many entities have gone through the processes necessary for HIPAA Security Rule compliance, many are only partially in compliance and have not performed all the steps necessary for compliance. Many may be doing many of the right things for compliance, but have not documented their policies and procedures and compliance activities as required. And many may be exposing themselves to potential breaches of security because of inadequate security practices. Now there are new, increased penalties for HIPAA violations and a new auditing process is being developed so that HIPAA covered entities will be subject to reviews by the US Department of Health and Human Services` Office for Civil Rights even if no one files a complaint. If you haven`t done what s required under the HIPAA Security Rule, you could be liable for willful neglect penalties that begin at $10,000 minimum and go up from there. You need to be sure that you have completed an information flow analysis and a risk analysis and put in place the proper protections to secure protected health information, and documented all your policies and procedures, as well as any actions taken pursuant to your policies and procedures. What`s more, with the breach notification regulations established in 2009, the costs of not properly securing your data have increased dramatically. With the ever-increasing use of electronic records and systems, and changes in how you do business, now is the time to review and renew your information security program and avoid violations and penalties for non-compliance.
Areas Covered In the Seminar: - Learn what kinds of entities are now covered under the HIPAA Security Rule
- Find out how the rules have changed and will continue to change
- See the questions you are likely to be asked in a HIPAA Security compliance audit
- Learn how to go about developing and implementing your compliance plan
- Discover how information flow analysis and risk analysis can make sense of your compliance objectives
- Find out about the special security challenges of remote access and portable devices
- Come away with a six-step plan to organize your security compliance project
Agenda: - Information Security Requirements Under HIPAA
- The Regulatory Background of HIPAA
- Overview of Security Requirements
- Recent Changes to HIPAA Security Requirements
- Structure of the HIPAA Security Regulation
- The Security Rule Compliance Process
- Concepts of Compliance with the Security Rule
- Flexibility Provisions - one size does not fit all
- The Six-Step Compliance Plan
- The HIPAA Security Safeguards
- Being Prepared for Breach Notification
- Information Flows and Risk Analysis
- Why Information Flow Analysis and Risk Analysis Are Essential
- Concepts of Information Flow Analysis and Risk Analysis
- Planning Your Compliance Process
Who will benefit: - Compliance director
- CEO
- CFO
- Privacy Officer
- Security Officer
- Information Systems Manager
- Office Manager
