HIPAA Compliance for Healthcare Professionals
HIPAA compliance: Where do you stand?
The confidential storage, retrieval and
decimation of electronic patient records and healthcare information is a
critical issue facing today's healthcare professionals. Newer updates and
changes to existing laws and regulations have increased the chances of
non-compliance, and some healthcare organizations (yours, perhaps?) may be at
risk of serious violations without even realizing it.
The Health Insurance Portability and Accountability Act (HIPAA) was passed by
Congress in 1996 to create a set of national standards for the transference of
electronic health data. The HIPAA Privacy Rule was established to protect the
privacy and security of personal health information, and set limits and
conditions on the uses and disclosures of such information without patient
HIPAA policies and procedures in the real world — what would you do?
In this seminar, we'll take a fascinating look at
the following real-life situations and reveal exactly how they should be handled
to remain in compliance with HIPAA guidelines and protect your patients' rights.
- A family member requests patient information
regarding a loved one in your care. Who are you required to provide
information to in this case? Who must you legally exclude? How do you handle
upset or irate family members who are demanding information you legally cannot
provide to them?
- Law enforcement personnel have arrived at your
facility asking for information on a new patient who is suspected in a crime.
What can you provide and what can't you provide according to the law?
- While handling a request from a patient, you
realize that information stored on a computer disk has become lost. What
should you do next? What are your responsibilities to the patient in question?
What are your risks and how can you mitigate these in the future?
- The front desk at your practice is very busy
with patients and doesn't have a lot of room for patient privacy. What can you
do to increase privacy with limited options?
- A patient's records were left open in view of
other patients — what process/procedure has been violated, what are the risks
to your organization and how do you correct this situation so that it doesn't
- You suspect that someone has been able to log
into your e-records system — what steps must you immediately take to stop the
breach and secure your records?
- Your practice has moved from paper to
electronic files — what do you do with all the paper? And, even though you've
moved to electronic files, your organization still relies on some paper
information. How do you ensure information is properly transferred to the
e-files and how long must you retain the paper information?
You may think you've got all your bases covered,
but with HIPAA's complex guidelines and newer rules and regulations, it is easy
to overlook key issues while accessing, storing and transferring sensitive
patient records. This course is designed to help you protect the rights of your
patients, while also protecting your practice or facility from non-compliance
accusations and complaints.
HIPAA Compliance for Healthcare Professionals
— Seminar Overview
HIPAA Requirements Overview
- According to HIPAA regulations, who's covered
and what does it mean in practice
- Latest updates related to privacy/security and
medical records — includes Privacy Rules and Security Rule
- Penalties: What are the "real" penalties you
can expect to pay if you violate HIPAA compliance requirements?
- Case study: What happens when a healthcare
entity is accused of breach of security?
Risk Assessment and Safeguards
- HIPAA Compliance Risk Assessment: Could you
unknowingly be in violation of HIPAA requirements?
- How does your organization
stack up? Where are your "weakest links" and how can you strengthen them?
- Tips and tools to help you
identify your biggest risk areas — people, policies/procedures, technology,
- Putting safeguards in place: Where to start,
how to proceed, how to achieve organizational-wide buy-in of new procedures
- Administrative practices:
How to get your people to revise their actions, change their procedures and
get on board with new policies
- Physical records: How to
ensure paper records are stored and accessed securely
- Technical issues: What are
the most common computer and technical security issues you must be aware of?
- Protect your e-records by
limiting access, installing controls and imposing passwords
Policies and Procedures to Ensure Security and Proper Handling of
- What are your current policies and procedures?
Where can you improve?
- Proposed changes to procedures: How to get
everyone on board regarding electronic access, storage and fulfillment of
- Who should have access to records within your
- How to communicate your policies and
- Within your organization
- To patients and patient
- To other entities
- The difference between patient "consent" and
- What you can do to simplify the process and
implement cost-effective security measures
Records Distribution, Retention and Destruction
- How do you transfer vital information to
parties who need access to records, while maintaining strict security
according to HIPAA mandates?
- Other healthcare practices
- Insurance companies for
- Who is allowed access to the following
- Doctor notes
- Prescription orders
- Tests/lab results
- Documentation requirements for distribution of
records: Are you following these HIPAA procedures?
- Retention of patient records: What are you
required to keep, and what are you required to destroy?
- How to dispose of secure documents and ensure
that security procedures are in place and enforced
- How to follow HIPAA's
requirements regarding document disposal
- Strategies for finding the
right document destruction service
- How long must you keep
patient records? What happens if you destroy them too soon or hang on to them
for too long?
CONTINUING EDUCATION CREDITS
This course qualifies for:
CEU: 0.6 credits
CPE: 6 credits
Certificates will be available 10 days after your event has ended.
Seminar Check-In: 8:30 AM Seminar Class 9:00 AM to 4:00 PM