2-Day Virtual Seminar

HIPAA Privacy Rule Compliance-Understanding New Rules and Responsibilities of Privacy Officer

BY: Jim Sheldon-Dean, Principal, Principal and Director of Compliance Services, Lewis Creek Systems, LLC

Virtual Training Through WebEx
Various parts of the country are still battling the Coronavirus (COVID-19), we will conduct the class 100% online.

July 22-23, 2020
(11:00 AM to 5:00 PM EDT)
Virtual Seminar
  • Course Description
  • Agenda
  • Speaker
  • Price/Register

While the HIPAA rules have been in place for many years now, the focus of their application has recently changed as technologies and practices have changed, emergencies have been dealt with, and changes to the rules and guidance have occurred, and more changes are on the horizon. In addition, there are changes in other regulations that interact with HIPAA requirements, and that require consideration in your planning. This session will focus on understanding what are the challenges that a HIPAA Privacy Officer faces today, and what are the areas of HIPAA that have changed and are changing still. The session will discuss the latest topics of interest in detail and describe how they relate to the regulations and their enforcement today. Patient Rights and controls on uses and disclosures will be explored in depth, including an examination of how the rules work in emergency circumstances, and how they can be changed during declared emergencies.

This session is designed to provide intensive, two-day training in HIPAA Privacy Rule compliance designed for both the seasoned HIPAA professional as well as the individual newly appointed to the position of HIPAA Privacy Officer, covering:

  • The foundations of HIPAA and how they relate to the issues of today
  • Privacy, Security, and Breach Notification under HIPAA
  • Changes in Rules, Technologies, and Practices that Impact HIPAA Compliance
  • Patient Rights and Controls on Uses and Disclosures
  • Managing Patient Communication Rights, Texting, and Telemedicine
  • Considerations for Circumstances Such As Declared Emergencies
  • New Guidance, Court Decisions, and Other Regulations Related to Personal Information
  • Challenges with New Issues, such as insecure communications, Ransomware, and the E.U.’s GDPR
  • Interactions with the SAMHSA 42 CFR Part 2 regulations on Information Relating to Substance Use Disorders
  • Security Breaches and Ways to Prevent and Respond To Them
  • Numerous references and sample documents will be provided.
Learning Objectives:

This Seminar is designed for the HIPAA expert and HIPAA newbie alike who wishes to stay up with changes to HIPAA and related regulations in personal information privacy and security, as well as understand the regulatory issues most frequently encountered in day-to-day operation of health care entities, as well as during emergencies. Objectives include learning related to a variety of topics, including:/p>

  • Understanding the variety of forms entities can take under HIPAA and how they relate to one another
  • Learning about the roles of HIPAA Business Associates and obligations for their management
  • Learning about patient rights, such as access and amendment of information, and how such rights are protected and enforced under HIPAA
  • How uses and disclosures may take place in a wide variety of circumstances, including such hot topics as sharing information with the family and friends of a patient
  • How the rules support emergency responses and how they may be applied in declared emergencies
  • What is current enforcement and audit activity, including an emphasis on patient access of information
  • Using new communications technologies such as texting and telemedicine according to the rules
  • Learn about new and upcoming changes to Substance Use Disorder records confidentiality under 42 CFR Part 2
  • The European Union’s General Data Protection Regulation (GDPR)
  • Ensuring individuals have adequate access of their information under the rules
  • The place of Information Security and incident management under the HIPAA Security and Breach Notification Rules
  • Processes to be used in managing security, mitigating risks, and handling incidents
  • Proper methods of documentation and training to ensure compliance and help avoid penalties
  • The use of internal audits and drills to improve compliance continuously and be prepared for incidents and enforcement investigations
Who will Benefit:

This seminar will provide valuable assistance to all personnel in medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc.). The following personnel will find this session valuable:

  • Compliance director
  • CEO
  • COO
  • CFO
  • Privacy Officer
  • Security Officer
  • Information Systems Manager
  • HIPAA Officer
  • Chief Information Officer
  • Health Information Manager
  • Healthcare Counsel/lawyer
  • Office Manager
  • Contracts Manager
Day 01(11:00 AM - 5:00 PM EDT)

    Day one sets the stage with an overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule and issues such as communications and responding to emergency circumstances, as well as recent and expected changes to HIPAA, including the impacts of required changes in your practices to meet the rules.

  • Overview of HIPAA Privacy, Security, and Breach Notification Regulations
    • Types of Entities
    • Entity Relationships
    • Business Associates, including Guidance on Compliance Liabilities
    • Current Issues in HIPAA, including Responding to Emergencies
  • HIPAA Privacy Rule and Patient Rights
    • The Designated Record Set
    • Access
    • Amendment
    • Restrictions
    • Communications, including Texting and Telemedicine
  • HIPAA Privacy Rule and Uses and Disclosures of PHI
    • Using Protected Health Information
    • Disclosures to family and friends, including During Emergencies
    • Disclosures to providers, care coordinators, etc.
    • Disclosures to attorneys, the Attorney General’s office, etc., minors and guardian issues
    • Day-to-day disclosures
    • Training and Documentation Requirements
Day 02(11:00 AM - 5:00 PM EDT)

    Day two begins with a discussion of current top issues in HIPAA compliance and privacy, and a detailed examination of HIPAA Security Rule and Breach Notification requirements, including what you need to do to protect information and what you have to do if you don’t. The day concludes with a session on the essential activities of documenting policies, procedures, and activities, training staff and managers in the issues and policies they need to know about, and examining compliance readiness through drills and self-audits, all as part of a 10-step plan for reviewing and maintaining HIPAA compliance.

  • Current Hot Topics in HIPAA and Privacy
    • Enforcement and Audits, including When Enforcement and Audits May Be Suspended
    • Coordination with 42 CFR Part 2 and Substance Use Disorder information
    • GDPR Compliance – Here comes the E.U.!
    • Access of Information, including Rules on Data Blocking and Enforcement
  • HIPAA Security and Breach Notification Rule Principles
    • How the Privacy, Security, and Breach Rules Work Together
    • Security Safeguards and The Role of Risk Analysis
    • Determining What Is a Breach and What Must Be Reported
    • Incident Management and Breach Reporting
  • Documentation, Training, Drills and Self-Audits
    • The 10-Day HIPAA Compliance Plan
    • How to Organize and Use Documentation to Your Advantage
    • Training Methods and Compliance Improvement
    • Conducting Drills in Incident Response
    • Using the HIPAA Audit Protocol for Documentation
Jim Sheldon-Dean
Jim Sheldon-Dean
Principal and Director of Compliance Services, Lewis Creek Systems, LLC

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

Mr. Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.

He has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. He received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Register Now

Online using Credit card

$899.00

(One Dial-in One Attendee)

July 22-23, 2020, Virtual Seminar
(Registrations till June 20, 2020 - $899)
(Registrations after June 20, 2020 - $1499)

$4,585.00

Group-Max. 10 Attendees

July 22-23, 2020, Virtual Seminar
(Registrations till June 20, 2020 - $4585)
(Registrations after June 20, 2020 - $5395)


For discounts on multiple registrations, contact customer care at +1-888-771-6965.

Other Registration Options

By order form / PO#

Payment Modes

By Check -

To pay by check please contact customercare@grcseminars.com

By Wire -

Register / Pay by Wire TransferPlease contact us at +1-888-771-6965 to get details of wire transfer option.

Terms & Conditions to Register for the Seminar/Conference/Event »

Terms & Conditions to register for the Seminar/Conference/Event

Your Registration for the seminar is subject to following terms and conditions. If you need any clarification before registering for this seminar please call us @ +1-888-771-6965 or email us @ customercare@grcseminars.com

Payment:
Payment is required before 2 days of the date of the conference. We accept American Express, Visa and MasterCard. Make checks payable to MetricStream Inc. ( our parent company)

Cancellations and Substitutions:
Written cancellations through fax or email (from the person who has registered for this conference) received at least 10 calendar days prior to the start date of the event will receive a refund — less a $300 administration fee. No cancellations will be accepted — nor refunds issued — within 10 calendar days from the start date of the event.

On request by email or fax (before the seminar) a credit for the amount paid minus administration fees ($300) will be transferred to any future GRC Seminars event and a credit note will be issued.

Substitutions may be made at any time. No-shows will be charged the full amount.

We discourage onsite registrations, however if you wish to register onsite payment to happen through credit card immediately or check to be submitted onsite. Conference material will be given on the spot if it is available after distributing to other attendees. In case it is not available we will send the material after the conference is over.

In the event GRC Seminars cancels the seminar, GRC Seminars is not responsible for any airfare, hotel, other costs or losses incurred by registrants. Some topics and speakers may be subject to change without notice.

Attendance confirmation and Documents to carry to the seminar venue:
After we receive the payment from the registered attendee an electronic event pass will be sent to the email address associated with the registrant before 5 working days from the seminar date. Please bring the pass to the venue of the event.

Conference photograph / video:
By registering and attending GRC Seminars conference you agree to have your photographs or videos taken at the conference venue and you do not have any objections to use these photos and videos by GRC Seminars for marketing, archiving or any other conference related activities. You agree to release GRC Seminars for any kind of claims arising out of copyright or privacy violations.

You Recently Viewed