The A to Z of HIPAA Privacy, Security, and Breach Notification Rules

This session is designed to provide intensive, two-day training in HIPAA compliance, including what's new in the regulations, what's changed recently, and what needs to be addressed for compliance by covered entities and business associates.

Description:

This session is designed to provide intensive, two-day training in HIPAA compliance, including what's new in the regulations, what's changed recently, and what needs to be addressed for compliance by covered entities and business associates.

The session provides the background and details for any manager of healthcare information privacy and security to know what are the most important privacy and security issues, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate.

Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided.

Who Will Benefit:

• Information Security Officers
• Risk Managers
• Compliance Officers
• Privacy Officers
• Health Information Managers
• Information Technology Managers
• Medical Office Managers
• Chief Financial Officers
• Systems Managers
• Legal Counsel
• Operations Directors

Agenda:

Day 1 Schedule

Day one sets the stage with an overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule, recent changes to the rules, and the basics of the Security Rule

Lecture 1:

Overview of HIPAA Regulations

• The Origins and Purposes of HIPAA
• Privacy Rule History and Objectives
• Security Rule History and Objectives
• Breach Notification Requirements, Benefits, and Results

Lecture 2:

HIPAA Privacy Rule Principles, Policies and Procedures

• Patient Rights under HIPAA
• Limitations on Uses and Disclosures
• Required Policies and Procedures
• Training and Documentation Requirements

Lecture 3:

Recent and Proposed Changes to the HIPAA Rules

• New Penalty Structure
• New HIPAA Audit Program
• New Patient Rights
• New Obligations for Business Associates

Lecture 4:

HIPAA Security Rule Principles

• General Rules and Flexibility Provisions
• The Role of Risk Analysis
• Security Safeguards
• Training and Documentation

Day 2 Schedule

Day two begins with a detailed examination of HIPAA Security Rule requirements and what must be done to survive audits by the US Department of Health and Human Services, including an examination of how risk analysis can be used to drive compliance by the systematic examination of information flows and mitigation of risks discovered, and an exploration of the official HHS HIPAA Audit Protocol, including how to use the protocol to help manage your compliance work and its documentation. Finally, the day concludes with a session on the essential activities of documenting policies, procedures, and activities, training staff and managers in the issues and policies they need to know about and examining compliance readiness through drills and self-audits.

Lecture 1:

HIPAA Security Policies and Procedures and Audits

• HIPAA Security Policy Framework
• Sample Security Policy Content
• Recommended Level of Detail for Policies and Procedures
• The New HIPAA Compliance Audit Protocol

Lecture 2:

Risk Analysis for Security and Meaningful Use

• Principles of Risk Analysis for Information Security
• Information Security Management Process
• Risk Analysis Methods
• Risk Analysis Example

Lecture 3:

Risk Mitigation and Compliance Remediation

• Typical Security Risks
• Social Media, Texting, e-mail, and Privacy
• Dealing with Portable Devices and Remote Access
• Compliance Planning

Lecture 4:

Documentation, Training, Drills and Self-Audits

• How to Organize and Use Documentation to Your Advantage
• Training Methods and Compliance Improvement
• Conducting Drills in Incident Response
• Using the HIPAA Audit Protocol for Documentation and Self-Auditing

Sign Up for Our Newsletter

Speaker:

Jim Sheldon Dean

Director of Compliance Services, Lewis Creek Systems, LLC

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.

Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master's degree from the Massachusetts Institute of Technology.

Location: SFO, CA Date: January 15th and 16th, 2019 and Time 9:00 AM to 6:00 PM

Venue Hilton San Francisco Airport Bayfront 600 Airport Blvd, Burlingame, CA 94010

Price:

1 ATTENDEE

$2,000.

Regular Price: $2000.

Register for 1 attendee

5 ATTENDEES

$10,000.

Regular Price: $10,000.

Register for 5 attendees

10 ATTENDEES

$20,000.

Regular Price: $20,000.

Register for 10 attendees

Use this promo code GCP50 to get 50% off.

Follow us on LinkedIn: https://www.linkedin.com/company/globalcompliancepanel/