The HIPAA Privacy Rule is undergoing significant changes that have increased both the breadth of entities subject to the rule and the compliance work needed, with expanded patient rights. The HITECH Act passed in 2009 brings about changes to things like who is a Business Associate and who is responsible for their compliance and any HIPAA violations they make. The new requirements have a direct impact on what needs to be put into the business associate agreements you establish. There are also new requirements to allow individuals to receive electronic copies of information held electronically, requiring that entities clearly define their HIPAA Designated Record Set, and proposed Accounting of Disclosures rule changes make defining the DRS even more important. Also included are new requirements to restrict the flow of information in certain circumstances, and new restrictions on certain uses and disclosures.
Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates will need to establish new compliance programs. On top of the changes, there are now audits by the US Department of Health and Human Services under way, and the new regulations call for mandatory penalties in the event of willful neglect of the regulations.
Join Jim Sheldon-Dean, in this 60-minute audio conference where he will review new regulations and will discuss their effects on usual practices. Jim will show what policies need to be changed and how, learn how disclosures must be tracked in an EHR, review of the various ways patient records can be supplied electronically, what policies and evidence you need to produce if you are audited by the HHS Office of Civil Rights, and explain what a Business Associate needs to do differently under the new regulations. The new enforcement penalty structure and the latest audit programs by HHS OCR will be described.
Highlights Of The Session:
Who should attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer.
- Duane C. Abbey, Ph.D.
- Christine M. Duprey,
- Thomas J. Force, Esq.
- Sue Dill Calloway, RN, MSN, JD
- Elin Baklid-Kunz, MBA, CHC, CPC, CPMA, CCS, AHIMA-Approved
- Jim Sheldon-Dean,
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more...
More Events By The Speaker