HIPAACompliance 2014 - Road Map to HIPAA Compliance

Overview: The webinar will explain the process for covered entities and business associates to initially come into HIPAA compliance and to stay compliant. It will demonstrate the following: who should be involved in the compliance effort; how to assess the degree of compliance at the beginning of the process through a gap analysis; the steps to achieve compliance, including risk analysis, development of policies and other documents, and required training; how to assess whether compliance was reached; and how to ensure that the entity remains compliant, including what to do if a HIPAA violation occurs.
Why should you attend: The majority of the DHHS civil money penalties and settlements in lieu thereof involve, sometimes with other violations, failure to perform a written risk analysis, failure to develop required policies, and failure to conduct adequate HIPAA training. These penalties usually are in the seven-figure range. Failure to conduct a written risk analysis, adopt required policies, or conduct required training qualifies as "willful neglect," which carries the highest civil money penalty ("CMP") and which penalty cannot be waived by DHHS as can violations due to a reasonable cause.
DHHS entered into a settlement with Massachusetts General Hospital for $1 million for a breach involving leaving paper PHI records on a subway. The sanction was because Massachusetts General had not trained its workforce on proper security for PHI taken offsite and did not have a work-at-home policy. Significantly, HIPAA does not even mention working at home, much less specifically require such a policy.
Another civil money penalty, this time for $4.3 million, involved failure to provide patients their HIPAA right of access to their medical records. Thus, having a good process to ensure compliance with all of HIPAA's requirements, both stated and implied ones, is crucial to protecting patients and avoiding HIPAA's severe penalties.
Areas Covered in the Session:
Identify who should be involved in the process
Conduct a gap analysis
Conduct a written risk analysis
Assemble a good team
Identify assets
Identify risks
Quantify risks
Select reasonable, appropriate, and cost effective security measures
Test and revise security measures
Appoint key personnel
Identify and adopt required policies and procedures
Identify the need for and conduct required training
Identify the need for and adopt other required documents, such as business associate agreements, consents, authorizations, notices of privacy practices, and the like
Ensure that patient rights are properly afforded
Periodically audit the state of your compliance and make required adjustments
Questions and answers
Who Will Benefit:
HIPAA Compliance Officers
HIPAA Security Officers
HIPAA Privacy Officers
CFOs
CIOs
Business Office Managers
Medical Records Personnel
Billing Services
Educational Objectives(S)
Upon completion of this activity, participants will be able to:
Explain the process for covered entities and business associates to initially come into HIPAA compliance sand to stay compliant.
CME Credit Statement
This activity has been planned and implemented in accordance with the Essential Areas and Policies of the Accreditation Council for Continuing Medical Education (ACCME) through the joint sponsorship of CFMC and MentorHealth. CFMC is accredited by the ACCME to provide continuing medical education for physicians.
CFMC designates this educational activity for a maximum of 1.5 AMA PRA Category 1 Credits™. Physicians should only claim credit commensurate with the extent of their participation in the activity.
Other Healthcare Professionals Credit Statement
This educational activity has been planned and implemented following the administrative and educational design criteria required for certification of health care professions continuing education credits. Registrants attending this activity may submit their certificate along with a copy of the course content to their professional organizations or state licensing agencies for recognition for 1.5 hours.
Disclosure Statement
It is the policy of CFMC and MentorHealth that the faculty discloses real or apparent conflicts of interest relating to the topics of the educational activity. All members of the faculty and planning team have nothing to disclose nor do they have any vested interests or affiliations
#
Obtaining Certificate of Credit
Colorado Foundation for Medical Care (CFMC) hosts an online activity evaluation system, certificate and outcomes measurement process. Following the activity, you must link to CFMC's online site (link below) to complete the evaluation form in order to receive your certificate of credit. Once the evaluation form is complete and submitted, you will be automatically sent a copy of your certificate via email. Please note, participants must attend the entire activity to receive all types of credit. Continuing Education evaluation and request for certificates will be accepted up to 60 days post activity date. CFMC will keep a record of attendance on file for 6 years.
Richard D. Dvorak J.D., is a health care attorney and partner in the law firm of TOMES & DVORAK, CHARTERED, a Kansas City area law firm. The firm has Martindale-Hubbell’s highest rating, AV (“A” is for preeminent in the field of practice and “V” is for highest ethics). After serving eight years in the United States Marine Corps, Richard obtained his law degree from Chicago-Kent College of Law in 1992. He is licensed to practice law in Illinois, Missouri, and Kansas, including various U.S. federal courts. Mr. Dvorak’s extensive litigation experience includes medical malpractice, physician licensure, mental health disability cases, military cases, and criminal cases, among others.
MentorHealth
webinars-AT-mentorhealth.com
Phone No: 800-385-1607
FaX: 302-288-6884
Event Link: http://bit.ly/JqDo7w