New updates to the HIPAA regulations contain numerous changes based, for the most part, on The HITECH Act passed in 2009. Some of the most significant changes have to do with changes to individual rights under HIPAA that must be reflected in an entity’s HIPAA policies and Notice of Privacy Practices (NPPs). All HIPAA Covered Entities must update their policies, procedures, and Notices of Privacy Practices to reflect the changes in individual rights no later than September 23rd, 2013. Violations are subject to enforcement that can include fines up to $50,000 per day.
Included are, new requirements having to do with fundraising activity and an opportunity to opt out, new requirements for individuals to provide authorization for the sale of PHI, new rights of access to electronic records, new rights to restrict certain disclosures, and rights of notice in the event of a breach. Health Plans also have changes related to the Genetic Information Nondiscrimination Act (GINA) that must be reflected in their policies and notices.
Reimbursed marketing activity that may have been permissible without authorization from the individual under the old rules used to require notice in the NPP. Now all such marketing activity paid for by a third party wishing to promote a product or service will require authorization, and no longer needs to be specifically listed in the NPP.
Let our expert presenter Jim Sheldon-Dean, take you through the new regulations and their effects on HIPAA policies and Notices of Privacy Practices. The changes are numerous and many are subtle and require an in depth examination of your policies and Notice of Privacy Practices. Jim will describe the new rights that must be added into your policies and NPP, and identify the places where current rights have been modified. Moreover, he’ll also examine a typical policies and a typical NPP and describe the places where changes might best be made, and discuss the information that needs to be added or removed to meet requirements most efficiently and economically.
Who should attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer.
Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis. He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...
More Events By The Speaker