Skip to main content

HIPAA Compliance Through Policies


Overview
The webinar will explain the process for covered entities and business associates to use to draft, adopt, and implement HIPAA compliance policies. Writing a policy is easier than one may think. It is a three-step process: researching, drafting and revising. This webinar will teach you to ask questions, solicit help, collect samples, keep the principles of substance, organization, coherence, style, and correctness in mind while you are drafting, send your draft out for review, incorporate comments, implement the policy, and repeat as necessary. The prospect of developing and writing perhaps as many as 70 policies to attain HIPAA compliance may still seem daunting, but this webinar will teach you how to make a checklist, take it step by step, and enlist the help of others when you need it.
Why should you attend this webinar?
Many of the seven-figure civil money penalties and settlements in lieu there of result from not having any policies in place that might have to prevent of breach of Protected Health Information (PHI) or having insufficient policies. DHHS entered into a settlement with Massachusetts General Hospital for $1 million for a breach involving leaving paper PHI records on a subway. The sanction was because Massachusetts General had not trained its workforce on proper security for PHI taken offsite and did not have a work-at-home policy. Significantly, HIPAA does not even mention working at home, much less specifically require such a policy. Note that often HIPAA does not specify a particular security measure but merely says you must have a policy concerning that measure, such as a destruction plan (i.e. policy). In other words, they don't say that you must degauss electronic PHI, but that you must have a policy detailing the secure way you will destroy ePHI.
Areas Covered in the Session:
  • Use HIPAA required Risk Analysis to help you decide which policies and procedures to develop.
  • Research before drafting policies and procedures, by asking and answering the right questions, soliciting help, and collecting samples.
  • Draft policies and procedures that comply with HIPAA's requirements, based on sound principles of substance, organization, coherence, style, and correctness.
  • Revise policies and procedures, including steps of reviewing, incorporating recommended changes, and implementing.
  • Draft required policies under HIPAA.
  • Decide whether you must draft addressable policies under HIPAA.
  • Decide what other policies you need to draft that HIPAA doesn't mention but that affect your organization.
  • Conclusion and question and answer.
Who can Benefit:
Privacy and Security Officers, Medical Records Professionals, IT Professionals, Clinicians, Office Managers, Risk Managers, Business Associates of Covered Entities (those that provide a service for the Covered Entity involving the use of individually identifiable health information (transcription services, billing services, cloud storage companies, and the like), Healthcare Attorneys, Compliance Officers.

Visit:https://www.compliancekey.us/webinarDetails?industryId=3&webinarid=869&speakerid=124
Labels:
Location: United States

Comments

Post a Comment

Popular posts from this blog

New 2019 HIPAA Guidance on De-Identifying Protected Health Information

Compliance Key  -   HIPAA Compliance Training Overview This seminar will be addressing how practice/business managers or compliance officers need to get their HIPAA house in order, as HIPAA is now fully enforced and the government is not using kid gloves anymore. It will also address major 2019 changes taking place with the Health and Human Services regarding the enforcement of the HIPAA law as well as detailed discussions on the Phase 2 audit process and current events regarding HIPAA cases (both in courtrooms and from real-life Audits). Our instructor - Mr. Brian Tuttle  has over 20 years of experience in working as Compliance auditor and has been an expert witness on multiple HIPAA cases. He`ll thoroughly explain on HOW and in WHAT scenarios patients can claim for cash remedies. More importantly, Brian will show you how to limit those risks by simply taking proactive steps and utilizing best practices. Why should you attend this seminar? This Sem...
Post a Comment
Read more

Classifying Medical Devices in US and EU

Compliance Key INC  -  Healthcare Compliance Webinars Overview The Food and Drug Administration (FDA) has established classifications for approximately 1,700 different generic types of devices and grouped them into 16 medical specialties referred to as panels. Each of these generic types of devices is assigned to one of three regulatory classes based on the level of control necessary to assure the safety and effectiveness of the device.The determination process, how you apply the classification process to your device, is complex and requires several levels of analysis to make the proper device classification. Proper medical device classification is the fundamental first step in submitting your device for approval anywhere in the world. This webinar will detail the medical device classification process for the United States through the FDA and will overview the very complex process for medical device classification within the EU. Specifically, this webinar will provid...
Post a Comment
Read more

HIPAA Compliance with the New Omnibus Rule: How to Pass an Audit to Avoid Penalties and Criminal Convictions

Compliance Key INC  -  H ipaa webinar                                           Jonathan P. Tomes Jonathan P. Tomes , J.D., is Keynote Speaker at Compliance key Inc. He is a health care attorney practicing in the greater Kansas City.   Webinar Id:   HIPHJPT001  2:30 PM PT | 03:30 PM ET    01/18/2018  Duration: 60 mins  Overview Before the HITECH Act, DHHS could audit covered entities for HIPAA compliance, but did not have to. With that Act, now the must audit those entities and business associates as well. In the first audits, the Phase I audits, DHHS came on site. The subsequent Phase II audits, however, were paper audits in which those audited had to provide documentation of their compliance. As yet, we do not know what form Phase III will take, but the necessary actions to prepar...
Post a Comment
Read more