HIPAA - Understanding Compliance Program Requirements
Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program.
If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive 2 day training course.
Why should you attend:
With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program.
Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations.
Areas Covered in the Session:
• Why was HIPAA created?
• What is HITECH and the Omnibus Rule?
• Who Must Comply with HIPAA Requirements?
• What are the HIPAA Security and Privacy Rules?
• What is a HIPAA Compliance Program?
• What is a HIPAA Risk Management Plan?
• What is meant by "Required" and "Addressable" Implementation Specifications?
• What are Administrative, Technical, and Physical Safeguards Requirements?
• HIPAA policy and procedure practical exercise
• What is a HIPAA Risk Assessment?
• Risk Assessment practical exercise
• What are HIPAA training requirements?
• What is a HIPAA data breach and what happens if it occurs?
• What are the penalties and fines for non-compliance and how to avoid them?
• Creating a Culture of Compliance
Day 1 Schedule
• What is HIPAA, HITECH & the Omnibus Rule
• Privacy Rule Requirements
• Authorized and Permitted Disclosures
• Marketing in a HIPAA compliant world
• Security Rule Requirements
• Administrative, Technical, and Physical Safeguards
• Implementation Specifications
• How to Perform HIPAA Risk Assessments
• Risk Assessment - Practical Exercise
Day 2 Schedule
• Review of Risk Assessment Practical Exercise
• Remediation and Required Follow Up
• What Policies and Procedures Must be Covered
• HIPAA Risk Management Plans
• Developing, Reviewing and Amending Policy and Procedure
• Policy and Procedure - Practical Exercise
• Review Policy and Procedure Practical Exercise
• Creating a Culture of Compliance
• Summary & Closing Remarks
President and Founder, Colington Security Consulting, LLC
Jay Hodes is a leading expert in HIPAA compliance and President of Colington Consulting. His company provides HIPAA consulting services for healthcare providers and business associates. Mr. Hodes has over 30 years of combined experience in risk assessments, site security evaluation, regulatory compliance, policy and procedures assessments, and Federal law enforcement management. He is the former Assistant Inspector General for Investigations at the U.S. Department of Health and Human Services.
Mr. Hodes has been the keynote speaker and provided presentations regarding HIPAA compliance to many professional healthcare organizations. He has published over 35 educational articles regarding HIPAA compliance, been featured in Part B News articles, the Report on Patient Privacy, provided a guest post in the Electronic Health Reporter, and provided advice on HIPAA compliance to Renal & Urology News and the Virtru.com blog.
Mr. Hodes is a member of member of the American Institute of Healthcare Compliance, Healthcare Information and Management Systems Society, American Society for Industrial Security, Metro Collaborative, the Practice Management Association of Northern Virginia, the Health Technology Forum: DC, Association of Elderservice Professionals (VA) and the Loudoun Seniors Interest Network.
Mr. Hodes is certified by the New Jersey Board of Dentistry and the Maryland State Board of Dental Examiners to provide continuing education classes in HIPAA compliance. In his free time, Mr. Hodes is a volunteer for Lab Rescue of the Labrador Retriever Club of the Potomac and the non-profit organization, Outer Banks Sporting Events.