The HIPAA Privacy Rule, which went into effect in 2003, required that entities keep track of all the disclosures they make of Protected Health Information (PHI) outside of those necessary for Treatment, Payment, and Healthcare Operations (TPO). With Electronic Health Record (EHR) systems in place, which keeps a track of disclosures made for all reasons, including those for TPO, and a proposed regulation has been issued to implement the law. The new regulation includes not only the removal of the exclusion for disclosures for TPO, but also a new individual right to an access report showing all accesses of any PHI held in the Designated Record Set.
Under the proposed regulation, individuals can request a full accounting of uses and disclosures, including TPO, from all kinds of electronic record systems and it has become important for every entity that maintains electronic records to get prepared to comply with such requests.
Jim Sheldon-Dean, in this 60 minute session will describe:
Who should attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer.
- Duane C. Abbey, Ph.D.
- Wayne J. Miller, Esq.
- Thomas J. Force, Esq.
- Sue Dill Calloway, RN, MSN, JD
- Susan Ulrey,
- Jugna Shah, MPH
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more...
More Events By The Speaker