The HIPAA Privacy, now modified by the Health Information Technology for Economic and Clinical Health (HITECH) Act, spells out how patients and health plan members’ medical and claims information can be used and disclosed with and without authorization. It addresses what covered entities and business associates are required to do to comply with federal privacy requirements and it spells out individuals’ privacy rights. The question remains do covered entities and business associates really know what is mandated and are workforce members actually trained.
Many HIPAA myths abound because of the lack of knowledge about the rule, misunderstandings that have grown into those myths and fear of legal risk. That lack of knowledge and spread of mis-information occurs at the compliance management level and, though lack of policies, procedures and training, uninformed workforce members. When it comes to protecting an individual’s privacy or sharing health information about that individual, lack of knowledge or missing facts can be damaging to the individual and to the covered entity or business associate.
The purpose of this webinar is to assist covered entities and business associates dispel myths that hamper quality patient care, lead to confusion and frustration in the workforce and those such as family involved in an individual’s care, and other adverse events. It's sometimes a good idea to go all the way back to the basics and build on a sound foundation of knowledge to enhance understanding that results in positive events. The audience will be taken back to the beginning for a refresher before moving on to new HITEH Act requirements and some of the more common privacy myths that can hamper the needed exchange of health information and the quality of care.
Participants will walk away with updated privacy templates and related checklists that will assist with training at the compliance planning level and assist in providing up-to-date information to pass along to workforce members. Some of the more common privacy policies that go beyond the HIPAA Privacy Rule will also be covered as well as state privacy law and how it fits with HIPAA.
This webinar will also cover changes to the HIPAA Privacy Rule made following the passage of the HITECH Act. Even though OCR has yet to publish the final privacy and security rule, it does not mean these new requirements are not in effect now. OCR announced it would not enforce provisions of the HITECH Act absent rule. That really amounts to someone else is enforcing those provisions versus the provisions are not in effect. The HITECH Act did grant state attorneys general the power to enforce the Act through federal court and a number of state attorneys general have done just that. To avoid potential legal problems with states, it is important to understand what is required now by statute and update privacy practices if they haven’t been updated already that shows covered entities and business associates are compliant.
The audience will have an opportunity to raise questions about myths that may not be covered during this webinar but are still out there. The end goal is to identify as many myths as can be addressed in 90 minutes and replacing those myths with facts that can improve privacy practices and reduce headaches.
Areas Covered in the Session: