Any provider that transmits any information in electronic form (doctors, clinics, hospitals, surgical centers, psychologists, dentists, chiropractors, nursing homes, assisted living, pharmacies, etc.) is a covered entity under HIPAA and, therefore, must comply with HIPAA laws and regulations.
The Health Insurance Portability and Accountability Act of 1996 was passed by Congress in order to require the Department of Health and Human Services (HHS) to develop national rules for the protection of electronic healthcare information.
The rules mandated that states adopt these federal protections. The HI-TECH act, a part of HIPAA, also known as the Health Information Technology for Economic and Clinical Health Act of 2009 was adopted as part of the American Recovery and Reinvestment Act.
It was intended to promote the adoption of and meaningful use of electronic medical records and it addresses and strengthens penalties for violation of HIPAA protections of electronic health information.
The three main HIPAA rules that make up the newly revised OMNIBUS Rue of 2013 include: Privacy Rule: Establishes the set of national standards for the protection of health information.
Security Rule: Establishes the set of national standards for the protection of health information that is electronically stored and/or transmitted.
Breach Notification Rule: Establishes the set of national notification requirements if a Covered Entity discovers a breach of unsecured protected health information.
Attendees will be provided with an overview of the basic requirements under HIPAA, including:
- Notice of Privacy Practices
- Uses and Disclosures of Protected Health Information
- Privacy Officer Designation
- Patient Access to Protected Health Information
- Administrative, Technical and Physical Safeguards
- Business Associate Requirements
Each of these important requirements will be discussed and the proper process for implementation reviewed. Attendees will learn the importance of appointing a practice Privacy Officer. All practices should have one individual who is the designated Privacy Officer. It is this individual's responsibility to make sure that the practice meets all requirements of HIPAA.
The Privacy Officer should:
- Perform regular internal Compliance Risk Assessment reviews
- Conduct regular staff training on the requirements and implementation of HIPAA
How to conduct a Risk Assessment as well as how to determine if an incident is unreportable, or a reportable breach, will also be discussed.
The federal Office for Civil Rights ("OCR") has the duty and responsibility to investigate complaints or reports of potential HIPAA violations and to continuously monitor entities required to comply with HIPAA ("Covered Entities") for compliance.
OCR began a preliminary pilot program for random compliance audits of Covered Entities in 2015. All practices are now on notice that they can be inspected at any time, for any reason.Complaints to OCR are no longer the only method by which a practice's HIPAA compliance can be called into question.
Any practice manager, owner, subcontractor or employee should be fully versed in HIPAA!
Why should you Attend: HIPAA compliance is one of the most cited and least understood laws in the typical medical practice. Although HIPAA has been in place for decades, it has changed rapidly in the last ten years due to the rapid proliferation of technology in medicine.
In addition to these progressive changes, the law itself underwent a major overhaul in 2013 resulting in any practice that has not updated their HIPAA materials since that time being out of compliance. The speaker will highlight the major changes that must have been implemented after the 2013 HIPAA updates.
Thereafter, the attendee will learn the basic requirements for a Notice of Privacy Practices as well as when authorizations are and are not required for the use and disclosure of a patient's protected health information.
The latter half of the webinar will focus on identification of a breach and what the required process is to remedy a breach if it is determined one has occurred.
The federal Office for Civil Rights, the government entity tasked with enforcing HIPAA began a preliminary pilot program in 2015 to ensure a certain number of random compliance audits of Covered Entities.
The initial overview of HIPAA requirements and policies will help the attendee determine if his or her practice is compliant. Thereafter, the speaker will highlight what "red flags" the Office for Civil Rights looks for when determining whether to audit a practice and learn what to do in the event you are selected for a random audit.
Areas Covered in the Session:
- Determining Level of Compliance with HIPAA
- Recognizing areas that Need to be Brought into Compliance
- Learning how to Analyze a Breach
- Current Trends in Enforcement Actions
Who Will Benefit:
- Health Care Providers
- Practice Mangers
- Privacy Officers
- Office Managers
- Medical Record Clerks
- Non-Clinical Health care Employees and Contractors
- Business Associates of Health Care Providers
|10:00 AM — 11:00 AM|
|No. of Days:||1|
• They can get the benefit of advice from experts in the field.
• Healthcare professionals will have the flexibility of viewing recorded webinars at their convenience.
• MentorHealth offers online interactive participation. Using this, healthcare professionals, no matter which part of the world they are based in, will have the opportunity to listen to and interact with some of the most accomplished experts in the healthcare Industry.
MentorHealth is driven by a core objective –that of being a platform for learning and discussion to address some of the important issues and challenges that the healthcare community, consisting of healthcare workers from doctors to nurses to other support staff, is up against in today‘s scenario. Various aspects of healthcare, such as Meaningful Use, Patient Protection and Affordable Care, HIPAA, HITECH Act, Stark and Anti Kickback Act, Valid Consent, Patient Safety and Process Improvement, Patient Safety and Quality Outcomes, Healthcare Information Technology Standards Panel (HITSP), Substance Abuse and Mental Health Records, Nursing Informatics, Healthcare Disclosure, Electronic Transactions Standards such as 5010 and ICD-10, Electronic Health Records, Stimulus Code, Healthcare Information Exchange, Healthcare Information Technology, Medical Necessity, Personal Health Records, Clinical Decision Support, Financial Management and ROI, Electronic Prescribing, Healthcare Information Systems, Clinical Informatics, Insurance Claim Appeals, Auto ID and Bar Coding, Integration and Interoperability, Risk Management in the Retention and Destruction of Medical Records and Medical Records Law, to name just a few, are covered. ...