HIPAA Privacy Rule Amendments: What's Changed and How You Need to Change
Impact Of The Changes In HIPAA Privacy Rule.
The HIPAA Privacy Rule is undergoing significant changes that have increased both the breadth of entities subject to the rule and the compliance work needed, with expanded patient rights. The HITECH Act passed in 2009 brings about changes to things like who is a Business Associate and who is responsible for their compliance and any HIPAA violations they make. The new requirements have a direct impact on what needs to be put into the business associate agreements you establish. There are also new requirements to allow individuals to receive electronic copies of information held electronically, requiring that entities clearly define their HIPAA Designated Record Set, and proposed Accounting of Disclosures rule changes make defining the DRS even more important. Also included are new requirements to restrict the flow of information in certain circumstances, and new restrictions on certain uses and disclosures.
Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates will need to establish new compliance programs. On top of the changes, there are now audits by the US Department of Health and Human Services under way, and the new regulations call for mandatory penalties in the event of willful neglect of the regulations.
Join Jim Sheldon-Dean, in this 60-minute audio conference where he will review new regulations and will discuss their effects on usual practices. Jim will show what policies need to be changed and how, learn how disclosures must be tracked in an EHR, review of the various ways patient records can be supplied electronically, what policies and evidence you need to produce if you are audited by the HHS Office of Civil Rights, and explain what a Business Associate needs to do differently under the new regulations. The new enforcement penalty structure and the latest audit programs by HHS OCR will be described.
Highlights Of The Session:
- The new regulations change the way individuals have access to their records, and how much they can find out about who has accessed their records.
- Individuals can now request certain restrictions on disclosures that you must honor.
- There are new requirements for disclosers of health information to apply “minimum necessary” standards.
- EHR vendors must provide the new tools necessary for their users to meet HIPAA requirements.
- Business Associates have new requirements to comply with HIPAA privacy protections and security safeguards and are subject to enforcement and penalties directly by HHS.
- Sub-contractors of Business Associates, Health Information Exchanges, Regional Health Information Exchanges, and e-Prescribing gateways are now considered to be Business Associates
- New limitations on marketing and fund-raising may change how entities can reach out to individuals.
- The new penalty structure and the new audit program mean that you are more likely to be audited for HIPAA compliance, and you may be facing significantly higher penalties for non-compliance than ever before.
Who should attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer.
Order Below or Call 866-458-2965 Today!
About Our Speaker
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a variety of health care providers, businesses, universities, small and large hospitals, urban and rural mental health and social service agencies, health insurance plans, and health care business associates.
Sheldon-Dean serves on the HIMSS Information Systems Security... More Info
More Events By The Speaker
- Save money on travel.
- Meet your specific training needs.
- Keep learning after the event.
- Save time training your whole staff.