This webinar will be addressing the ins and outs of identifying what is and what is not PHI, proper ways to disclose this information, common sense security methods, what we can and can’t do under HIPAA relating to disclosures, and how to properly investigate a breach (or a suspected breach).
We will also be addressing how practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur.
It will also address major changes under the Omnibus Rule and any other applicable updates relating to protected health information
Additional areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT.
The primary goal is to ensure everyone is well educated on what is myth and what is reality with this law, there is so much misleading information all over regarding the do’s and don’ts with HIPAA – I want to add clarity for compliance officers
I will uncover myths versus reality as it relates to this very enigmatic law based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors.
I will also speak to real life litigated cases I have worked where HIPAA is being used to justify state cases of negligence – THIS IS BECOMING A HUGE RISK!
In addition, this course will cover the highest risk factors for being sued as well as being audited (these two items tend to go hand in hand)
Are you clear on what constitutes identifiable health information vs none identifiable health information? It can be very confusing and frustrating to say the least.
Since the HIPAA Omnibus Final ruling, the Federal government has expanded the definition of what constituted PHI
Is your staff trained to understand the new risks and definitions?
Do you have written policy in place relating to this?
Do you have an affective HIPAA compliance program?
New laws and funding mean increased risk for both business associates and covered entities!
HIPAA Omnibus – Do you know what’s involved and what you need to do?
What does Omnibus mean for covered entities and business associates?
Why should you be concerned?
Court cases that are changing the landscape of HIPAA and patient’s ability to sue!
TRIAL ATTORNEYS ARE MORE DANGEROUS THAN THE FEDERAL GOVERNMENT!!
It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to what we need to do as compliance officers. You need to know how to avoid being low hanging fruit in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT or internal administrative practices.
• What is PHI
• What constitutes identifiable PHI
• What is “de-indentified” PHI
• How to investigate a possible breach and conclude whether the incident constituted a breach or not
• How to properly notify if a breach occurs
• Requirements of Compliance Officers
• Real life litigated cases
• Portable devices
• Business associates and the increased burden
• Emailing of PHI
• Texting of PHI
• Federal Audit Process
• HIPAA and suing – how this works
• Risk Assessment
• Best resources
• Practice managers
• Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc)
• MD’s and other medical professionals
Brian L Tuttle, CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified Business Resilience Auditor (CBRA) with over 15 years’ experience in Health IT and Compliance Consulting. Mr. Tuttle has worked all of those 15 years with MAG Mutual Healthcare Solutions and is now Senior Compliance Consultant and IT Manager with InGauge Healthcare Solutions (previously named MAG Mutual Healthcare Solutions). Almost all of Brian’s clients are earned by referral with little or no advertising. Brian is well known and highly regarded in medical circles throughout the United States.
Mr. Tuttle vast experience in health IT systems (i.e. practice management/EMR systems, imaging, transcription, medical messaging, etc.) as well as over 17 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite risk assessments for over 500 medical practices, hospitals and business associates throughout the United States.