HIPAA & The Medical Practice: Requirements for Privacy, Security and Breach Notification

April 8th, 2019

 April 8th, 2019 - April 9th, 2019 

HIPAA & The Medical Practice: Requirements for Privacy, Security and Breach Notification

United States  »  Midwest, USA  »  Iowa » 
April 8th, 2019 - April 9th, 2019

Event Website

InfoSec Conference Summary

The description was submitted by the Conference Organizer. We sometimes edit it to enhance the listing.

favouriteLoadingAdd this conference to your favourites

Any provider that transmits any information in electronic form (doctors, clinics, hospitals, surgical centers, psychologists, dentists, chiropractors, nursing homes, assisted living, pharmacies, etc.) is a covered entity under HIPAA and, therefore, must comply with HIPAA laws and regulations.

The Health Insurance Portability and Accountability Act of 1996 was passed by Congress in order to require the Department of Health and Human Services (HHS) to develop national rules for the protection of electronic healthcare information.

The rules mandated that states adopt these federal protections. The HI-TECH act, a part of HIPAA, also known as the Health Information Technology for Economic and Clinical Health Act of 2009 was adopted as part of the American Recovery and Reinvestment Act.

It was intended to promote the adoption of and meaningful use of electronic medical records and it addresses and strengthens penalties for violation of HIPAA protections of electronic health information.

The three main HIPAA rules that make up the newly revised OMNIBUS Rue of 2013 include: Privacy Rule: Establishes the set of national standards for the protection of health information.

Security Rule: Establishes the set of national standards for the protection of health information that is electronically stored and/or transmitted.

Breach Notification Rule: Establishes the set of national notification requirements if a Covered Entity discovers a breach of unsecured protected health information.

Attendees will be provided with an overview of the basic requirements under HIPAA, including:

  • Notice of Privacy Practices
  • Uses and Disclosures of Protected Health Information
  • Privacy Officer Designation
  • Patient Access to Protected Health Information
  • Administrative, Technical and Physical Safeguards
  • Business Associate Requirements

Each of these important requirements will be discussed and the proper process for implementation reviewed. Attendees will learn the importance of appointing a practice Privacy Officer. All practices should have one individual who is the designated Privacy Officer. It is this individual’s responsibility to make sure that the practice meets all requirements of HIPAA.

The Privacy Officer should:
-Perform regular internal Compliance Risk Assessment reviews
-Conduct regular staff training on the requirements and implementation of HIPAA

How to conduct a Risk Assessment as well as how to determine if an incident is unreportable, or a reportable breach, will also be discussed.

The federal Office for Civil Rights (“OCR”) has the duty and responsibility to investigate complaints or reports of potential HIPAA violations and to continuously monitor entities required to comply with HIPAA (“Covered Entities”) for compliance.

OCR began a preliminary pilot program for random compliance audits of Covered Entities in 2015. All practices are now on notice that they can be inspected at any time, for any reason.Complaints to OCR are no longer the only method by which a practice’s HIPAA compliance can be called into question.

Any practice manager, owner, subcontractor or employee should be fully versed in HIPAA!

We're proudly sponsored by Kuppering Cole. They've geneoursouly given our community a 15% discount on all ticket sales. Use code "infosecspecial15" to apply the promo. Their next event will be "CyberNext Summit 2019"

CyberNext Summit 2019

Submit a review for this event.

Did you attend HIPAA & The Medical Practice: Requirements for Privacy, Security and Breach Notification? Let us know how it was and share your experience with the greater community.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.