HIPAA Security and Breach Rule Compliance- Understanding Risk Analysis, Policies and Procedures and Managing Incidents
October 21 @ 11:00 am - October 22 @ 5:00 pm CDT$1299
With the many new developments in technology, threats to the privacy and security of health information, and stresses on compliance brought about by emergencies and pandemics, healthcare organizations are reviewing their compliance and making sure they have the proper policies, procedures, and forms in place. HIPAA Security Officers have been renewing their compliance activities and reviewing their documentation to make sure they can meet the challenges of the rules and avoid breaches and penalties for compliance violations as they survive the new stresses and demands on information systems managers and security managers across the country. Given the new realities of severe threats including ransomware and threats to patient safety, coupled with nationwide health emergencies and new technologies for communications, the work of safely meeting rules and legitimate healthcare needs can be overwhelming.
This seminar is designed to provide intensive, two-day training in HIPAA Security and Breach Notification Rule compliance designed for both the seasoned HIPAA professional as well as the individual newly appointed to the position of HIPAA Security Officer, including:
- What’s in the Security and Breach Notification regulations and what has changed?
- What are the new threats to the security of Protected Health Information?
- What are the HIPAA Security Safeguards and how do they work, particularly in emergencies when rules are relaxed?
- Where do Risk Analysis and Risk Assessment fit into the process, and what do they look like?
- What needs to be addressed for compliance by covered entities and business associates?
- What are the most important security issues?
- How does enforcement relate to the Security and Breach Notification Rules, and how might it be suspended during an emergency?
- Are HIPAA Audits continuing and how do we prepare for them?
- What needs to be done to be able to demonstrate your HIPAA compliance?
- What can happen when compliance is not adequate?
- Numerous references and sample documents will be provided.
This Seminar is designed for the HIPAA expert and HIPAA newbie alike who wishes to stay up with changes to HIPAA and related regulations in personal information privacy and security, as well as understand the regulatory issues most frequently encountered in day-to-day operation of health care entities, as well as during emergencies. Objectives include learning related to a variety of topics, including:
- Understand the structure of the HIPAA Regulations and how they work together
- Learn about the overall processes and objectives of the Security Rule, and how to interpret the rules
- Understand how to use Risk Analysis to make compliance decisions in the face of new threats
- Learn about using Risk Assessment and Risk Analysis to help discover and prioritize mitigation of risks
- Know what safeguards must be considered to provide security for health information
- Understand what makes a good information security policy
- Know how to respond to breaches and violations of Privacy and Security rules
- Learn how breaches occur and what steps can be taken to best avoid them
- Work through practical examples of risk analysis and breach analysis
- Learn how to deal with the modern portable technologies and communication methods
- Learn about how the HIPAA rules support the appropriate use of new technologies involving texting and telemedicine
- Find out about how rules may be relaxed in response to emergency circumstances, but must be observed otherwise
- Understand how to use policies, documentation, training, and drills to prepare for audits and incidents, and achieve good compliance
Who will Benefit
This seminar will provide valuable assistance to all personnel in medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc.). The following personnel will find this session valuable:
- Compliance director
- Privacy Officer
- Security Officer
- Information Systems Manager
- HIPAA Officer
- Chief Information Officer
- Health Information Manager
- Healthcare Counsel/lawyer
- Office Manager
- Contracts Manager