Being in compliance with HIPAA in 2018 involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a breach investigation you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program.
If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive 2 day training course.
Why Should You Attend?
With a new year upon us, is your organization keeping up with the HIPAA requirements mandated by the Code of Federal Regulations? Many organizations still need to fully understand the requirements of a compliance program.
Why? In 2016, there was a trend towards higher settlements payments. There were 7 settlements over $1 million including $5.5 million, $3.9 million, and $2.75 million and 12 overall resolutions settlements. In 2017, there was continued HIPAA enforcement with a number of new settlements announced and the trend will continue.
Roger Severino, the Director of OCR, has said "enforcement is a key aspect of HIPAA" and organizations must embrace a "new posture of preventive security."
Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations.
Areas Covered in the Session:
- Why was HIPAA created?
- What is HITECH and the Omnibus Rule?
- Who Must Comply with HIPAA Requirements?
- What are the HIPAA Security and Privacy Rules?
- What is a HIPAA Compliance Program?
- What is a HIPAA Risk Management Plan?
- What is meant by "Required" and "Addressable" Implementation Specifications?
- What are Administrative, Technical, and Physical Safeguards Requirements?
- HIPAA policy and procedure practical exercise
- What is a HIPAA Risk Assessment?
- Risk Assessment practical exercise
- What are HIPAA training requirements?
- What is a HIPAA data breach and what happens if it occurs?
- What are the penalties and fines for non-compliance and how to avoid them?
- Creating a Culture of Compliance
Please note: the registration will be closed 2 days (48 Hours) prior to the date of the seminar.
Lecture 1 (90 Mins):
What is HIPAA, HITECH & the Omnibus Rule
An Exercise in Risk Mitigation & Breach Prevention
Designating HIPAA Privacy & Security Officials
Lecture 2 (90 Mins):
HIPAA Privacy Rule Requirements
Notice of Privacy Practices (NPP) Requirements
Understanding Authorized and Permitted Disclosures
Requirements for Tracking Disclosures
Lecture 3 (90 Mins):
HIPAA Security Rule Requirements
HIPAA Security Standards & Implementation Specifications
How to Manage the Business Associates Process
HIPAA Risk Assessment - Important First Step
Lecture 4 (90 Mins):
HIPAA Policies and Procedures - What Must be Covered
HIPAA Risk Management Plans
HIPAA Enforcement Trends - Lessons Learned
HIPAA & Social Media
Summary & Closing Remarks
Q&A will be included at the end of each session
- Physician Owners
- Practice Owners
- Compliance Officer
- HIPAA Privacy Officer
- HIPAA Security Officer
- Medical/Dental Office Managers
- Practice Managers
- Information Systems Manager
- Practice Management Consultants
- Chief Information Officer
- General Counsel/lawyer
President and Founder ,
Colington Security Consulting, LLC
Jay Hodes is a leading expert in HIPAA compliance and President of Colington Consulting. His company provides HIPAA consulting services for healthcare providers and business associates. Mr. Hodes has over 30 years of combined experience in risk assessments, site security evaluation, regulatory compliance, policy and procedures assessments, and Federal law enforcement management. He is the former Assistant Inspector General for Investigations at the U.S. Department of Health and Human Services.
Mr. Hodes has been the keynote speaker and provided presentations regarding HIPAA compliance to many professional healthcare organizations. He has published over 35 educational articles regarding HIPAA compliance, been featured in Part B News articles, the Report on Patient Privacy, provided a guest post in the Electronic Health Reporter, and provided advice on HIPAA compliance to Renal & Urology News and the Virtru.com blog.
Mr. Hodes is a member of member of the American Institute of Healthcare Compliance, Healthcare Information and Management Systems Society, American Society for Industrial Security, Metro Collaborative, the Practice Management Association of Northern Virginia, the Health Technology Forum: DC, Association of Elderservice Professionals (VA) and the Loudoun Seniors Interest Network.
Mr. Hodes is certified by the New Jersey Board of Dentistry and the Maryland State Board of Dental Examiners to provide continuing education classes in HIPAA compliance. In his free time, Mr. Hodes is a volunteer for Lab Rescue of the Labrador Retriever Club of the Potomac and the non-profit organization, Outer Banks Sporting Events.
Courtyard by Marriott Chapel Hill
100 Marriott Way