Did you know that failure to comply with HIPAA, the DHHS Privacy and Security regulations, and the HITECH Act can result in hefty fines and even imprisonment? DHHS has said that it will also focus on board members, CEOs, and management, not just "worker bees." You are responsible for compliance. How can you ensure that you are meeting federal and state statutes and regulations to protect patients' privacy of health information?
This Webinar is designed to educate covered entities and business associates what you need to know to become HIPAA Compliance Audit Ready, and how to avoid civil and criminal convictions. HIPAA violation settlements and civil money penalties range from $100,000 to $4.3 million and have involved small physician practices and a hospice, as well as major health systems and health plans. The DHHS findings almost always cite one or more of the following areas as being non-compliant:
- Failure to perform a risk analysis.
- Failure to update a risk analysis.
- Failure to implement reasonable and appropriate security measures, including adopting policies and procedures.
- Failure to train the workforce
- Workstation security including encryption
Many Covered Entities and Business Associates do not have their HIPAA compliance program in place. Richard will share insights on how to adopt and implement HIPAA policies and procedures. He will explain the importance of educating your workforce on the privacy, security and breach notification requires. His seminar details the new Omnibus (Mega) rule changes. Learn which policies should be reviewed and updated to conform to current requirements.
Why should you attend:
With the recent changes in the even stricter HIPAA regulations, are you prepared for a HIPAA Compliance Audit with DHHS, OIG, OCR or CMS? What would you do if the FTC accused you of a deceptive trade practice because you did not protect PHI correctly? Failure to handle a breach properly can have many bad effects.
And not all of them result from an enforcement action by DHHS. Losing a laptop containing Protected Health Information ("PHI") can result in DHHS imposing a civil money penalty but also can result in bad publicity; loss of patients; inability to receive reimbursement because you don't have a record of the transaction; the cost of mailing notifications to the victims of the breach; other mitigation costs, such as purchasing identity theft insurance for the victims if identity theft is a big risk. Learn what is and is not a reportable breach. Learn how to mitigate the effects of a breach by learning how to develop an unavoidable employee misconduct defense.
Areas Covered in the Session:
Who Will Benefit:
- Overview of the HIPAA privacy and security rules
- Discussion regarding the stepped-up civil and criminal penalties
- How to determine your HIPAA Compliance "Gaps"
- What are "reasonable and appropriate" security measures
- Understand the critical requirements for security
- Determine if organizations training is efficient
- HIPAA compliance and Security Officers
- HIPAA Privacy Officers
- Human Resources Directors
- Medical Records Personnel
- Health Information Management Professionals
- Patient Accounts Managers
- Billing Services
- Mental and Behavioral Health Professionals