Healthcare information has been under HIPAA controls for more than fifteen years now, and healthcare organizations are finally beginning to reach good compliance levels, but other regulations also affect health information privacy and security compliance. In addition to HIPAA, the rules for protecting information related to Substance Use Disorders have been in place since the 1970s; FERPA protects student information, including health and treatment information; various state laws call for protection of information; and now the European Union’s General Data Protection Regulation comes into play for the information of EU residents.
This session is designed to provide intensive, one-and-a-half-day training in healthcare information privacy and security regulatory compliance, touching on the key regulations needing attention today.
The session will cover:
Principles of Information Privacy and Security
Privacy, Security, and Breach Notification under HIPAA
Interactions with the SAMHSA 42 CFR Part 2 regulations on information relating to substance use disorders
Interactions with the FERPA student information protections for information held by schools
Seminar Fee Includes:
USB with seminar presentation
Hard copy of presentation
$100 Gift Cert for next seminar
What Will Be Covered
Determining the scope of your GDPR exposure and issues to address
HIPAA as a foundation for GDPR compliance
Challenges with issues today that didn’t even exist a few years ago, such as insecure communications, Ransomware, and social media
This seminar will also explain audits and enforcement, as well as how to respond to privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided.
This seminar is designed for the healthcare compliance expert and newbie alike who wish to stay current with changes to HIPAA and related regulations in personal information privacy and security, such as GDPR, 42 CFR Part 2, and FERPA, as well as understand the regulatory issues most frequently encountered in the day-to-day operation of healthcare entities. Objectives include learning related to a variety of topics, including:
Learning about patient rights, such as access and amendment of information, and how such rights are protected and enforced under HIPAA and other rules
How uses and disclosures may take place under HIPAA in a wide variety of circumstances, including such hot topics as sharing information with the family and friends of a patient, and how those disclosures would be limited by Part 2 rules.
When FERPA takes over health records in schools, and when HIPAA controls them
Changes to Substance Use Disorder records confidentiality under 42 CFR Part 2
The EU General Data Protection Regulation (GDPR) background and scope
Ensuring individuals have adequate access to their information under the various rules
Understanding the limits on disclosures under the various rules
The place of Information Security and incident management using the HIPAA Security and Breach Notification Rules
Processes to be used in managing security, mitigating risks, and handling incidents
Proper methods of documentation and training to ensure compliance and help avoid penalties, including the use of internal audits and drills to improve compliance continuously and be prepared for incidents and enforcement investigations