This HIPPA compliance webinar will discuss the issues in patient information privacy and security that healthcare organizations will face in 2018 and how to ensure compliance with HIPAA that will withstand incidents, audits, and investigations by HHS.
Why Should You Attend:
This session will provide the attendee a review of the current enforcement actions, audit focus, privacy, security, and breach issues, and expected regulatory changes in HIPAA, and help the compliance specialist prepare for a year of HIPAA work including responding to issues and planning for regular compliance activities.
The most significant issues facing HIPAA professionals will be presented as well as the regular processes that should be in place to help avoid issues in the first place. We will discuss how to consider risk analysis as a means to planning your mitigation activities, and how to plan out dealing with the issues discovered in he analysis, describing how to use simple tools to manage your compliance over time. The importance of using all the safeguards in the regulations will be illustrated by one result of not monitoring access of health information: a $5.5 million penalty for not monitoring access and allowing inappropriate access to continue for years unchecked.
The HHS focus on providing patients access to their PHI will be explored by examining the recent audit questions on the topic and the guidance released by HHS on the topic in 2016, twice expanded and updated since the original release. Patient access of data continues to be an important topic at the US DHHS, and can be expected to be a focal point of enforcement activity.
The HHS and FBI guidance on Ransomware will be explored, so that you can have an idea of how to best protect your office from the latest tool of the hackers, and how to respond if you are targeted. We’ll also cover how to provide the best training and education to prevent these issues.
We will use a number of resources, such as guidance from HHS and the National Institute of Standards and Technology (NIST) to examine the role of portable devices, e-mail, and texting in health care, and how to be more productive with these tools while maintaining compliance and protecting patient information.
New rules expected for Accounting of Disclosures will be explored and their expected futures and impacts will be discussed, and impacts of changes to 42 CFR Part 2 and controls on information relating to substance use disorders will be explained
Areas Covered in the Webinar:
- Recent focus of Audits and Enforcement activity
- How to be prepared for enforcement actions
- Risk Analysis and Risk Mitigation planning and execution
- The importance of monitoring access to PHI
- Handling Patient Access of PHI properly
- Being ready for Ransomware and responding properly if you’re hit
- How to manage portable devices, e-mail, texting, and encryption in a variety of circumstances
- New rules on the horizon: expected changes to Accounting of Disclosures and more
Jim Sheldon Dean,
Director of Compliance Services ,
Lewis Creek Systems, LLC
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.
Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.
Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master's degree from the Massachusetts Institute of Technology.