Organizations of all types and sizes continue to struggle needlessly with HIPAA Compliance. For example, HIPAA Risk Analysis – Risk Management is the basis of the HIPAA Compliance Program of every Covered Entity and Business Associate. But mandatory HIPAA Compliance Audits conducted by the Office for Civil Rights (OCR), the HIPAA enforcement arm of the U. S. Department of Health and Human Services (HHS), found 94% of Covered Entities failed the Risk Management Audit and 87% failed the Risk Analysis Audit. And every audited Covered Entity knew well in advance that it was on the short list to be audited, had completed pre-audit questionnaires and knew the exact questions it would be asked and documentation to be provided (audit protocols).

This seminar will teach Covered Entities and Business Associates how to untangle the complexities of HIPAA and become confident in their HIPAA compliance program. The seminar will demonstrate how Covered Entities and Business Associates can comply calmly, confidently and completely with the HIPAA Rules.

The secret is - HIPAA Rules are easy and routine to follow - when you know the steps.

Paul Hales will capture your attention with visual presentations and interactive learning exercises that take mystery and fear out of HIPAA Compliance.

• Thorough Understanding of HIPAA Rules
  • What they are
  • How they work together
  • Why and How they were made
  • How they are changing and what to expect next
• HIPAA Risk Analysis – Risk Management for Your Organization
  • A Practical Guided Exercise done in class on your computer to take home
• Privacy and Security Rules - Permitted and Required Uses and Disclosures
  • What information must be protected
  • Administrative, Technical and Physical Safeguards
  • Social Media, Texting and Emailing Patients
• The inter-connected, inter-dependent relationship of Covered Entities and Business Associates
  • Business Associate HIPAA compliance responsibilities
  • The importance of Due Diligence and how to do it
  • How to avoid making a Business Associate your Agent by mistake
  • The chain of responsibility from Covered Entity to Business Associate to Subcontractor Business Associate, etc.
  • Business Associate responsibilities for Subcontractor Business Associates
  • Breach Notification discovery and reporting by Business Associates and Subcontractor Business Associates
• What is - and what is not a Reportable Breach of Unsecured PHI
  • Potential Breach Investigation - Breach Exceptions
  • Ransomware
  • Breach Risk Assessment
  • Breach Prevention

AGENDA

Day 1 Schedule Lecture 1:

• Welcome
• Discussion – Goals and Objectives of Seminar Participants
• HIPAA Compliance Overview and discussion tailored to specific interests of Seminar Participants

Lecture 2:

• Focus on HIPAA Compliance
• Description of HIPAA Rules and Fundamental in Plain Language continuing and building on discussion in Lecture 1
• HIPAA Risk Analysis – Risk Management
• The basis of your HIPAA Compliance Program explained step-by-step
• Learn by Doing Begin guided Step-by-Step HIPAA Risk Analysis – Risk Management of your organization on your tablet/laptop – for you to take with you

Lecture 3:

• HIPAA Risk Analysis – Risk Management
• Continued
• Consider lessons learned
• Inter-relationship of Privacy, Security and Breach Notification Rules

Lecture 4:

• Privacy Rule in Depth
• Protected Health Information (PHI)
• Permitted Uses and Disclosures of PHI
• Individual Rights
• Administrative Requirements

Day 2 Schedule Lecture 1:

• Welcome - Recap Day 1 - Questions - Discussion
• Security Rule in Depth
• Electronic Protected Health Information (EPHI)
• Purpose and Function of Security Rule
• Security Official

Lecture 2:

• Focus on Business Associates
• Inter-connected HIPAA Compliance for Covered Entities and Business Associates
• Is your Business Associate your "Agent"?
• Due Diligence
• Subcontractor Business Associates
• Business Associate Agreements
• Non-BA Confidentiality Agreement
• Business Associate HIPAA Compliance
• Privacy Rule - Who is in charge?

Lecture 3:

• Breach Notification Rule in Depth
• Learn by Doing Investigate a Potential Breach
• Do a Breach Risk Assessment
• When you must notify - and when you do not need to notify
• Notifications and Documentation

Lecture 4:

• Wrap Up
• Miscellaneous and Participant Selected Topics
• Social Media - Patient Engagement
• Prepare for HHS Audits or Investigations
• Final Questions - Answers

SPEAKER

Paul R. Hales, J.D.

Paul R. Hales, Attorney at Law, LLC

Paul R. Hales received his Juris Doctor degree from Columbia University Law School and is licensed to practice before the Supreme Court of the United States. He focuses on HIPAA Privacy, Security, Breach Notification and Enforcement law. Paul is widely known for his ability to teach HIPAA Compliance clearly, simply and in plain language. He manages a national HIPAA consulting and education practice based in St. Louis and is the author of all content in The HIPAA E-Tool®, an Internet-based Software as a Service product for Covered Entities and Business Associates.

 

Please contact the event manager Marilyn ([email protected] ) below for:

- Multiple participant discounts - Price quotations or visa invitation letters - Payment by alternate channels (PayPal, check, Western Union, wire transfers etc) - Event sponsorships NO REFUNDS ALLOWED ON REGISTRATIONS Service fees included in this listing. ----------------------------------------------------------------- This event is brought to you by: Netzealous LLC - NewYorkEventsList http://www.NyEventsList.com http://www.BostonEventsList.com http://www.SFBayEventsList.com ----------------------------------------------------------------- MYL180727CEV MYL180814UPA