HIPAA Compliance for Small Healthcare Providers
Being in compliance with HIPAA involves not only ensuring that you provide the appropriate patient rights and controls on your uses and disclosures of Protected Health Information; but that you also have the proper policies and procedures in place. If audited or the subject of a compliance review, you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program.
If your small healthcare practice needs to understand how to put a HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive Two-day training course.
Why you should attend:
This seminar is specially designed for small healthcare providers that struggle with meeting HIPAA compliance requirements. Regardless of the size of a practice or the number of patients, the focus of this seminar is on making sure that organizations are meeting all of the HIPAA, HITECH, and Omnibus Rules. Organizations need to fully understand the requirements of a compliance program and how to implement one.
Attendees will leave the course clearly understanding all of the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Healthcare Covered Entity will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations.
Areas Covered in the Session:
• Why was HIPAA created?
• What are HITECH and the Omnibus Rule?
• Who Must Comply with HIPAA Requirements?
• What are the HIPAA Security and Privacy Rules?
• What is a HIPAA Compliance Program?
• What is a HIPAA Risk Management Plan?
• What is meant by "Required" and "Addressable" Implementation Specifications?
• What are Administrative, Technical, and Physical Safeguards Requirements?
• Understanding the Business Associate Relationship
• HIPAA policy and procedure practical exercise
• What is a HIPAA Risk Assessment?
• Risk Assessment practical exercise
• What are HIPAA training requirements?
• What is a HIPAA data breach and what happens if it occurs?
• What are the penalties and fines for non-compliance and how to avoid them?
• HIPAA & Social Media
• Creating a Culture of Compliance
Day 1 Schedule
What are HIPAA, HITECH & the Omnibus Rule?
HIPAA Requirements for Small Practices
Privacy Rule Requirements
Authorized and Permitted Disclosures
Marketing in a HIPAA compliant world
Security Rule Requirements
Administrative, Technical, and Physical Safeguards
Business Associate Agreements Managing Business Associates How to Conduct a HIPAA Risk Assessment
Risk Assessment Practical Exercise
Day 2 Schedule
Review of Risk Assessment Practical Exercise
Remediation and Required Follow Up
What Policies and Procedures Must be Covered
HIPAA Risk Management Plans
Developing, Reviewing and Amending Policy and Procedure
Policy and Procedure - Practical Exercise
Review Policy and Procedure Practical Exercise
HIPAA Enforcement Trends - Concerns for Small Providers
HIPAA and Social Media
Creating a Culture of Compliance
Summary & Closing Remarks Q&A
President and Founder, Colington Security Consulting, LLC
Jay Hodes is a leading expert in HIPAA compliance and President of Colington Consulting. His company provides HIPAA consulting services for healthcare providers and business associates. Mr. Hodes has over 30 years of combined experience in risk assessments, site security evaluation, regulatory compliance, policy and procedures assessments, and Federal law enforcement management. He is the former Assistant Inspector General for Investigations at the U.S. Department of Health and Human Services.