This 4-hour seminar takes the participants through HIPAA compliance from start to compliance.
The first presentation explains the history of HIPAA, why it came into being, and its evolution. This covers what HIPAA is, what steps have to be performed to be HIPAA compliant, and what HIPAA compliance is. It also provides definitions of key HIPAA terms, how to define a Business Associate, and how to contract with Business Associates. The second part of the first presentation is an overview of how to manage the HIPAA compliance project.
The second session describes what a Risk Assessment is and how to perform a risk assessment. The materials take the participant through the factors of HIPAA compliance and how to perform a HIPAA Risk Assessment. This encompasses taking the participants through how to do a HIPAA Privacy Risk Assessment, how to do a HIPAA Security Assessment, and how to interpret the results, set priorities, and develop a plan for addressing the Risk Assessment findings.
The third session takes the participants through how to prepare a set of HIPAA Policies and Procedures. This includes how to reference the HIPAA regulations in preparing the policies and procedures, how to reference the prior HIPAA Risk Assessments, and how to prepare the HIPAA training materials.
The fourth session provides the participants with an orientation on the role of IT services in the healthcare organization in addressing the organization's HIPAA compliance. This encompasses understanding what role IT hardware and software play in the HIPAA compliance process, what responsibilities IT vendors should have, and how to work with vendors. The materials will discuss IT security in the context of an overall organization security program including the value and approach of an IT security vulnerability test.
In the last session, participants will review what a HIPAA breach is and what to do when a HIPAA breach occurs. This includes determining if a notification occurred, notification requirements, and mitigation options.
There will be a wrap-up and discussion session providing an opportunity for the participants to discuss specific issues they may have or get direction regarding particular approaches for HIPAA compliance.
Why you should attend
The need for HIPAA compliance has evolved since the HIPAA laws were passed in 1996. In addition, as technology has advanced into more use of the internet and web-based hardware and software resources, compliance has also become more difficult and complex. Now both covered entities (providers of health care services) and their business associates (support vendors) have to implement comparable compliance measures.
Breaches are almost impossible to escape - recent studies show that approximately 90% of covered entities and business associates have had at least one breach of a patient's protected health information. And, HIPAA federal penalties can be significant.
Compounding the issue is that almost all states have incorporated the HIPAA regulations, in one form or another, into their state healthcare privacy laws, and/or the courts have accepted the HIPAA regulations as the standard of care for protecting a patient's health information. It is important for the health care organization to know what is expected by the regulations.
To satisfy your HIPAA compliance requirements, healthcare management and staff need to understand the HIPAA privacy and security regulations, understand how to assess your healthcare organization's HIPAA compliance status, understand the role of each member of your workforce in meeting your compliance requirements, and know what to do if there is a breach of your patient health data.
This seminar provides an in-depth review of these subjects and leaves the participant with a solid understanding of what has to be done to be HIPAA compliant.
Agenda
- What is HIPAA, who is covered, and what is HIPAA Compliance
- Why the healthcare organization should be concerned about HIPAA compliance
- How to perform a HIPAA Risk Assessment
- How to prepare HIPAA Policies and Procedures
- What is IT's role in the healthcare organization's HIPAA Compliance
- How to handle a potential HIPAA Breach
Speaker
Jim Wener has over 40 years of experience in assisting health care organizations – both providers and payers – in identifying their automation requirements and helping these organizations select and successfully implement the automation most applicable for their needs. His systems and processes background and his experience in working with health care data have given Mr. Wener a unique perspective regarding the issues related to implementing new health care models and how they affect all of the stakeholders in the health care system.
Who Should Attend
- Health Care Organization Ownership and Senior Management
- Office Management
- Business Associates
- Physicians
- Ancillary Service Organizations (Pharmacies, Labs, Radiology)
- HIPAA Compliance Professionals
- Health Care System Vendors