HIPAA Compliance Officer Training
John has been active in the computer security area since 1999. He has been working with small medical practices since retiring as an instructor and dean of Health Information Technology at Gateway Community College. As CEO of San Diego HIT, John has developed a systematic approach to helping medical practices become HIPAA compliant. He has authored the book “The Smart Dentist's Guide to HIPAA and Computer Network Support” and has presented many times for various industry associations.
There is a lot to know about HIPAA, and there have been numerous changes in the past few years that most practices are not aware of and that could cost your practice in productivity, fines and loss of reputation. We will review HIPAA compliance from A to Z. Everything you need to know will be covered, including your responsibilities as the holder of the title HIPAA Compliance Officer. Patient rights to their medical records are the biggest change to the Privacy Laws, and they are being strictly enforced. The average fine is $85,000, even for small practices. We will go over the patient’s rights and the policies that need to change in your office. We will also review all of the other HIPAA rights given to patients. Healthcare cybersecurity is extremely important. We will go over actual incidents and how they were handled so you know what to expect. Even more informative, we will help you process what can happen so that your office will be better prepared when the worst happens.
Staff training and awareness are key to avoiding security incidents and breaches. We will go over the best way to train and inform your staff on common social engineering tactics and how to recognize them so that your office is not a victim. We will also review “Reasonable” security that will protect your practice in a cost-effective manner. We go over the essentials you need to discuss and implement with your IT vendor or department. This training will aid the small physician practice all the way to hospital security. Both are different and the HIPAA Security Rule gives you the flexibility to protect patient privacy in a manner that makes cost/benefit sense.
Finally, we will go over breaches, both small (under 500 records) and major (500 records or more). First, you and your staff need to be able to identify a breach. Next, a breach risk assessment is required, and that will determine whether the breach is reportable. Not reporting breaches yearly signals to the OCR that you do not have the documentation to show a “Culture of Compliance”. We know that this 90-minute training will make your practice or organization not only HIPAA compliant, but also much more secure for the valuable patient records you maintain.
Areas Covered
- Access Rights Initiative
- Patient Privacy Rights
- Subpoenas
- Breach Identification and Notification
- Ransomware and other Malicious Activity
- Healthcare Cybersecurity
- Permitted Disclosures
- Disclosures to Law Enforcement
- IT Review to Meet HIPAA Security Rule Requirements
- What to do when your office is struck with Ransomware
- Policies and Procedure requirements
- HIPAA Staff Training and On-going Training Requirements
- Willful Neglect
- Required Posting
- HIPAA is Changing – Proposed Changes to the HIPAA Regulations
- Your responsibility as the HIPAA Compliance Officer
- Documentation Requirements
- Mobile Device Policy
- Interoperability
- Email and Text Messages
- Security Risk Assessment
- Business Associates
- Required Plans
- Minimum Necessary Standard
- Reasonable Security to Protect Patient Privacy
- Culture of Compliance – Documentation Required from Actual Breach Audits from the OCR
Course Level - Basic to Advanced
Who Should Attend
CEO, COO, Office Managers, Administrators, HIPAA Privacy and Security Officer, Physicians, and Administrative Staff.
Why Should You Attend
The Office for Civil Rights, the government agency that enforces HIPAA, is enforcing HIPAA violations as never before. Your practice could face substantial fines for violating the Patient Access Initiative. Most HIPAA Compliance Officers are unaware of a patient’s right to access their medical records via email, or do not have the proper documentation to charge a patient for medical records. Your state allowable fees are no longer valid for patients seeking copies of their medical records. In addition, most practices are not properly handling small breaches when they occur, thereby violating both Federal and State Breach Notification Laws. There are huge fines for breach violations, and not reporting breaches, which is required yearly, is a major red flag. If you are not reporting breaches as required, what other HIPAA documentation are you lacking? We will go over the most common HIPAA violations with easy corrections and fixes, and show you how to address Healthcare Cybersecurity by raising awareness in your office and how to identify and report breaches. We will also review what is required in the form of cybersecurity from your IT department or vendor. Being proactive is a Security Rule and Privacy Rule requirement. We will show you how your practice can be proactive in the protection of your patient records.