The 10 Step HIPAA Compliance Review

If there is one life or death issue for a Covered Entity and its Business Associate, it has to be HIPAA compliance. This is one point that could determine whether they will continue to be in business or fold up. This underlines the criticality of HIPAA compliance for a Covered Entity and a Business Associate.

While providing the appropriate patient rights and controls on its uses and disclosures is important to show compliance with HIPAA, a Covered Entity or a Business Associate needs to do more: it also has to demonstrate this.

The CE or BA should also have performed the appropriate analysis of the risks to the confidentiality, integrity, and availability of electronic Protected Health Information (PHI). Unless this is done in a compliant manner, the CE or BA cannot ensure that it is protecting the PHI from vulnerabilities. Loss of a device holding data, accidental acts or intentional acts, such as cyberattacks, which have only become accentuated in recent times, are some of these.

Given the vital importance of ensuring HIPAA compliance, shouldn’t Covered Entities and their Business Associates get a proper and thorough understanding of how to do this? This learning will be imparted at a webinar that is being organized on September 9 by MentorHealth, a leading provider of professional training for all the areas of healthcare.

The doyen of HIPAA compliance, Jim Sheldon-Dean, will be the expert at this webinar, at which he will explain a 10-step method that will help participants gain thorough clarity on HIPAA compliance. Please register for this webinar by visiting https://www.mentorhealth.com/webinar/the-10-step-hipaa-compliance-review—how-to-ensure-your-compliance-is-up-to-date-801767LIVE?wordpress-SEO.

————————————————————————————————————–

The expert will show how a Covered Entity or a Business Associate can ensure HIPAA compliance in a structured and logical manner over just ten days and thus escape enforcement actions from the HHS. He will explain how to carry these out in the 10-day span, which will be laid out in this manner:

  • Day One: Research of Your Operations
  • Day Two: Limitations on Uses and Disclosures
  • Day Three: Patient Rights under HIPAA
  • Day Four: HIPAA Risk Analysis
  • Day Five: HIPAA Security Safeguards
  • Day Six: HIPAA Security and Breach Notification Policies and Procedures
  • Day Seven: Documentation of Policies and Procedures
  • Day Eight: Training in Policies and Procedures Related to HIPAA
  • Day Nine: Verification and Audits of Compliance
  • Day Ten: Long Term Compliance Planning and Risk Management

The following areas will be covered at this webinar:

  • Find out how to relate your office’s activities to the regulations
  • Learn the ways you can share information under HIPAA, and the ways you may not
  • Find out about HIPAA requirements for access and patient preferences, as well as the requirements to protect PHI
  • Learn how to use an information security management process to evaluate risks and make decisions about how best to protect PHI and meet patient needs and desires
  • Find out what policies and procedures you should have in place for dealing with e-mail and texting, as well as any new technology
  • Learn about the training and education that must take place to ensure your staff uses e-mail and texting properly and does not risk exposure of PHI
  • Find out the steps that must be followed in the event of a breach of PHI
  • Learn about how the HIPAA audit and enforcement activities are now being increased and what you need to do to survive a HIPAA audit.

—————————————————————————————————————

About the expert: Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems.

Protecting a business from record breaches resulting from ransomware attacks

When a HIPAA investigation relating to a ransomware breach finds malpractice, it can be a total jolt that can absolutely devastate the practice or business concerned. Discovery of this kind of breach during a HIPAA investigation can cause a major financial burden, apart, of course, from severe embarrassment and ignominy.

This means that practices and businesses that are subject to a HIPAA investigation need to get a thorough understanding of whether their systems are at risk for ransomware or other very dangerous breaches, and of ways of dealing with them. The severity of a ransomware breach should never be underestimated, as it is the #1 risk for a massive breach in the United States.

What needs to be done?

If a practice or business needs to insulate itself from appropriation of its electronic records, both foreign and domestic, it needs to take a few very important steps. What are these steps, and how does a practice or business take them? These constitute the learning offered at a webinar that MentorHealth, a leading provider of professional training for all the areas of regulatory compliance, will be organizing.

Brian L Tuttle, who is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP) and Certified Business Resilience Auditor (CBRA) with over 15 years’ experience in Health IT and Compliance Consulting, will be the speaker at this webinar. To gain the benefit of this learning, register by just logging on to http://www.mentorhealth.com/control/w_product/~product_id=800873LIVE/~sel=LIVE/~Brian_Tuttle/~Ransomware_and_HIPAA_Risks_-_BE_VERY_CAREFUL_HERE.

Brian will explain the practical and proven ways by which practices and businesses that are subject to HIPAA investigations can protect themselves from ransomware attacks and breaches.

Understanding the risk factors

He will also explain what the highest risk factors for being sued for wrongful disclosures of PHI are, and the manner in which patients are now using state laws to sue for wrongful disclosures. Brian will be quoting real-life examples and will share his vast experience of dealing with situations that could cause a business or practice to go haywire.

Brian will offer specific information about multiple incidents, which will help practices and businesses understand what they did wrong that led to a bad situation. In addition to an explanation of the variables that need to be considered, he will also discuss specific questions the Office for Civil Rights investigators and the FBI are likely to ask and how best to answer them. In all, this is a very valuable session at which the speaker will educate participants on the ways of preventing a breach altogether.

Brian will cover the following areas at this webinar:

  • What is ransomware?
  • What are risk factors?
  • What to do if hijacked
  • Audit Process
  • What can cause an audit
  • How to avoid these issues altogether
  • What to do in the event of an audit
  • How to speak and deal with Federal auditors
  • Risk Assessment
  • Best resources

Ways of putting a HIPAA organizational Compliance Program in place

For an organization to be compliant with HIPAA, it has to not only ensure that it provides the appropriate patient rights and controls on its uses and disclosures of Protected Health Information, but also have the proper policies and procedures in place. Any organization that is the subject of a compliance review or is being audited has to demonstrate to the government that it has all the documentation necessary for safeguarding patient Protected Health Information, apart from also having the ability to show how it is addressing all of the required security safeguards.

Increase in HIPAA enforcement activities

A full understanding of the requirements of a compliance program has become all the more important against the background of an increase in HIPAA enforcement and with Phase 2 audits getting underway.

If an organization has to put all the required documentation aspects in place, it needs to have a very good understanding of the ways of putting in place a HIPAA compliance program with which to ensure that the current program is adequate and can withstand government scrutiny. How does an organization do all this?

Jay will equip the participants with a thorough understanding of all the requirements needed for a comprehensive HIPAA compliance program and explain what steps need to be taken to mitigate risk. At this learning session, he will include practical exercises to help participants know how to develop, review, and amend HIPAA policy and procedure. He will provide a Covered Entity or Business Associate with a clear roadmap for what needs to be in place when it comes to all of the HIPAA regulations.

For more information, go through this link: http://bit.ly/25xX4ip