Group items tagged

Course "Texting and E-mail with Patients: Patient Requests and Complying with HIPAA " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent u

Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent understanding of not only the rules, but also how to think about compliance and make sound compliance decisions on a day-to-day basis in the context of mobile devices. Agenda Day One Day one sets the stage with an ov

Course "The A to Z's of HIPAA Privacy, Security, and Breach Notification Rules" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: This session is designed to provide intensive, two-day training in HIPAA compliance, including what's new in the regulations, what's changed recently, and what needs to be addressed for compliance by covered entities and business associates. The session provides the background and details for any manager of healthcare information privacy and security to know what are the most important privacy and security issues, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. Who Will Benefit: * Information Security Officers * Risk Managers * Compliance Officers * Privacy Officers * Health Information Managers * Information Technology Managers * Medical Office Managers * Chief Financial Officers * Systems Managers * Legal Counsel * Operations Directors Agenda: Day One Day one sets the stage with an overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule, recent changes to the rules, and the basics of the Security Rule Lecture 1: Overview of HIPAA Regulations * The Origins and Purposes of HIPAA * Privacy Rule History and Objectives * Security Rule History and Objectives * Breach Notification Requirements, Benefits, and Results Lecture 2: HIPAA Privacy Rule Principles, Policies and Procedures * Patient Rights under HIPAA * Limitations on Uses and Disclosures * Required Policies and Procedures * Training and Documentation Requirements Lecture 3: Recent and Proposed Changes to the HIPAA Rules * New Penalty Structure * New HIPAA Audit Program * New Patient Rights

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analys

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analy

Overview: The webinar will concentrate on topics that HHS has announced will be the focus of the first round of "desk audits". They reflect significant areas of non-compliance revealed in the 2012 pilot audits and HHS HIPAA violation investigations concluded by Resolution Agreements and Corrective Action Plans. They include: HIPAA Risk Analysis Risk Management based on Risk Analysis Breach Notification Notice of Privacy Practices (for Covered Entities) Minimum Necessary Standard Access of Individuals to their PHI Authorizations Workforce Training This webinar is vital because, in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA Compliance documentation ready to submit on two weeks notice to HHS you are implementing an effective HIPAA Compliance program. In addition, every Covered Entity or Business Associate may face an HHS HIPAA Compliance investigation at any time due to a complaint or a Breach. If you are "audit ready" you will be ready for an investigation - and better able to avoid complaints and prevent breaches. Why should you attend: Every Covered Entity and Business Associate is liable - without prior notice - to be audited for HIPAA Compliance by HHS You will have only 2 weeks after receiving your HIPAA Compliance Audit notification and data request to upload all requested documents to an HHS HIPAA Compliance Audit Portal The HIPAA Compliance Audit data request you receive will specify content and file organization, file names and any other document submission requirements Auditors will not contact an audited entity for clarifications or ask for additional information - it is essential that submitted documents are current, accurately reflect the entity's HIPAA Compliance program and demonstrate HIPAA Compliance Only data submitted on time will be assessed Failure to respond on time may be referred to the HHS regional

Overview: Remember spaghetti code? The HIPAA breach area is now almost as convoluted and overlapping and confusing as spaghetti code. Sometimes you think you are both coming and going at the same time when you think through an event to determine if your organization has had a breach. For example: Is a security incident always a beach? Is an ePHI breach a security incident as well? Is a cybersecurity event always a breach? What if it does not steal any clinical information, diagnoses or procedures information, or any payment information? A security incident? Or both? Are all the necessary kinds of notice in the Breach rule? What is Cybersecurity Insurance? Is it really the finger in the dike or itself full of Swiss cheese? Can the loss of patient or member data be a HIPAA breach and identity theft plus a fraud issue? Why should you Attend: HIPAA breaches now number in the multiple thousands, if not multiple millions. Your organization needs to be prepared for the initial sense of panic, a complete investigation, and the federal, state and reputational costs of a mega breach. A breach now costs in money approximately $225/record. And this does not include any fine of any type. The loss and theft of 1000 records may cost you organization from a quarter to $1 M, or more, and 6 months to a year to resolve. You need to know the basics of what PHI and ePHI really are; what puts the event into the breach safe harbor, what breach exceptions keeps the event out of OCR's hands, what the 4 factors are and how they are used. You need to know that your organization's breach plan and your policies and procedures include the need to notify when necessary the police, the FBI and other state and federal organizations beyond the Office for Civil Rights. Your organization needs to know how to protect itself after the fact by considering Cybersecurity Insurance. Areas Covered in the Session: Definition and reporting of a Security Incident Definition of a breach Breach Guidance Br

The dermabrasion procedure, also known as laser skin resurfacing, is a surgical method used to eliminate outermost layers of the skin to enhance the look of smoother skin. Commonly practiced on patients' faces, the dermabrasion procedure can be done in a medical setting by a doctor or other qualified cosmetic surgeon, specifically trained in the technique to do the procedure correctly. During the procedure itself, a combination of local and deep pulsed light (ultraviolet) or green-yellow light is applied to the skin. There is a major difference between traditional and modern beauty dermabrasion Equipment applications. While the former use mechanical equipment, the latter are completely mechanical applications, without the use of any chemicals. There is a need for an effective analysis of this segment so that one may be able to know the best practices for the application of these treatments. Read more @ https://coherentmarketinsights-cmi.blogspot.com/2021/01/beauty-dermabrasion-equipment-is.html

Overview: New changes modifying the HIPAA Privacy and Security Regulations are going into place to meet the privacy and security mandates within the HITECH Act in the American Recovery and Reinvestment Act of 2009. The changes include establishing new rights for individuals as well as changes to the limitations on uses and disclosures. New requirements for patient access to records and requirements to notify individuals in the event of a breach are only two of the many areas affected in the new law, including new requirements for restriction and accounting of disclosures and increased enforcement activity. Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates and their subcontractors will need to establish compliance programs. And if you are required to have a HIPAA Notice of Privacy Practices, you will need to update that to show all the new rights that patients will have, such as electronic copies, new rights to restrict disclosures, and much more. Business associates are now directly covered by the HIPAA privacy and security regulations and are liable for fines and penalties if they do not comply. If a business associate supplies services that interact with the new changes to the rules, the BA will need to be aware of the new requirements. We will explain what a Business Associate needs to do differently under the new regulations. Electronic records have new demands placed on them, in both providing access and in accounting for all disclosures of health information - the electronic age in health care brings new obligations to serve individuals as well as manage health information for healthcare professionals. We will discuss how disclosures must be tracked in an EHR and review the various ways patient records can be supplied electronically. The new regulations will be reviewed and their effects on usual practices will be discussed, as will what policies need to be chang

Overview:   Institute for Healthcare Improvement (IHI) defines reliability as "failure-free performance over time2". This is simple enough to be understood by anyone. The aim is to have no failures over an extended time period in spite of variability in the patient environment. spite of variability in the patient environment.  This is in line with the technical definition of reliability as the probability of successful performance of intended functions for a specified length of time under a specified user (patient) environment. In a system where the severity of consequences is high, such as in hospitals, the goal is to achieve reliability as close to 100% as possible. This is called failure-free performance. Some hospitals have achieved this goal for specific medical procedures for several quarters. Can they extend this performance over years instead of quarters? That is the challenge we need to face and find elegant solutions zero mistakes or find a way to protect patients if a mistake cannot be prevented.  Why should you Attend: The failures of the U.S. healthcare system are enormous considering the severity of failures. As much as 400,000 patients die each year from hospital mistakes. Another 2.1 are harmed from nosocomial infections (infections acquired during hospital stay). The cost is in billions. Discussions with doctors show that there is reluctance to apply reliability principles to healthcare systems because the variability in healthcare is enormous compared to the aviation and industrial fields. Each customer (patient) is different and each illness is unique in its own way. Then there are interconnecting systems such as cardiology, gynecology, gastroenterology, emergency medicine, oncology, and patient data from various doctors, pagers, computers, vendor software, and intensive care, each operating independently most of the time. But good approaches to improving the system reliability have been tried and tested in many industries. There is a

Overview: In this session we will discuss the HIPAA audit and enforcement programs and how they work, and discuss the areas that caused the most issues in prior audits. We will explore what kind of issues and what kind of entities had the most problems, and show where entities need to improve their compliance the most. We will also explore the typical risk issues that lead to breaches of health information and see how those issues may be a target for auditors in the new 2016 audits. We will review the contents of the HIPAA Audit Protocol used in 2012 to show what documentation needs to be on hand should your organization be selected for an audit in the new round. We will present methods for using the contents of the HIPAA Audit Protocol to build your own compliance plan by extracting and updating the contents and relating your compliance activities directly to the questions that might be asked. In this session we will discuss the HIPAA audit and enforcement regulations and processes, and how they apply to HIPAA covered entities and business associates. We will explain the enforcement regulations and the new, increased fines and new penalty levels, including new penalties for willful neglect of compliance that begin at $10,000. We will discuss what information and documentation must be prepared in advance so that you can be ready for an audit at any time, including sample information request forms and questions asked at prior audits. The session will also cover how to know if you may become the subject of an audit or enforcement action, and what you can do to help limit your exposure. We will discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement activity. The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to them) and how they will be audited will be explained. Documentation requirements for compliance will be explored and a framework of security policies necessary

Course "Verification vs. Validation - Product Process Software and QMS" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: This course will review the company Master Validation Plan for major key inputs and CGMP deficiencies. It will address the FDA's newer and tougher regulatory stance. This course's aim is to prove "Product Risk Based V&V" by sufficient, targeted and documented risk-based V&V test case elements/scripts. It will teach participants to evaluate its elements against ISO 14971 and ICH Q9 for hazard analysis and product risk management. This course will evaluate different field-tested, U.S. FDA-reviewed V&V protocols; how to employ equipment/process Requirements Specs / DQs, IQs, OQs, and PQs, or their equivalents per ASTM E2500, all against a background of limited company resources. It will review a matrix that simplifies "as-product", in-product", process and equipment, et al, software VT&V, to assure key FDA requirements are not overlooked. While considering the QMS and 21 CFR Part 11; this course will make practical application of these same in two hands-on sessions. Why you should attend: This session helps participants: * Understand Verification and Validation, differences and how they work together; * Discuss recent regulatory expectations; * Know how to document a "risk-based" rationale, and use it in a resource-constrained environment; * Determine key "milestones" and "tasks" in a project; * Locate and document key subject "inputs"; * Compile "generic" Master and Individual Validation Plans; * Learn the key element of a Product V&V File/Protocol; * Understand how to develop Process and/or Production/Test Equipment V&V Files/Protocols; * Get a grasp of basic Test Case construction; * Understand sample sizes and their justification; * Learn the key elements of Software V&V expected by the FDA and how to document; * Deal with hardwa

Overview: Today's diverse, fast-changing, multidisciplinary mental health care environment involves many mental health care professionals who work together for the common goal of the patient. This includes physicians/psychiatrists, psychiatric nurses, psychologists, and others. Nothing in health care is more fractured than in mental health among a multitude of mental health practitioners. Like physicians/psychiatrists and psychiatric nurses, psychologists as health care practitioners obtained an education, passed applicable examinations, completed professional training, and hold a license to practice their chosen profession of psychology, often by being educated and trained at the doctoral level. The license to practice is issued by the state agency which has exclusive jurisdiction over this health care practitioner. Thereafter, the state's authority and power over the psychologist often presents challenges to that professional that are not easy to navigate. Their governing state agency routinely handles, investigates, and dismisses- or prosecutes - alleged violations of law that can be career ending for the psychologist if pursued. But that process takes time with many steps necessary for due process of law. One of the ultimate actions the state may take is to issue a suspension or revocation of the psychologist's professional license. Yet many state actions fall short of such drastic outcomes, but still have serious, permanent consequences for the psychologist as a licensed health care professional. Learn to identify the legal authority for state agencies to regulate the practice of psychology. Seek to understand and defend against state actions which may result in ruinous practice and career consequences for the health care professional. This program offers an objective, thorough review of the ethical and legal violations committed by psychologists. This program also reviews defenses with practice tips to defend successfully those common violations. Otherwis

Preimplantation Genetic Diagnosis is offering to help those that aren't sure if they can have children of their own or if they will suffer from certain medical issues in the future. Pregnancy and Fertility are two other reasons why this test can be offered. The procedure is done when the couple is preparing for conception by checking for any irregularities on an ultrasound. The genetic information from the unaffected parents and the affected eggs are compared to determine if a genetic problem exists with the egg of one of the partners. The growing number of fertility clinics around the globe coupled with the advancement in the field of genetic analysis is driving the growth of Preimplantation Genetic Diagnosis Market. The increasing need for early detection of chromosomal abnormalities in the fetus is another major factor fueling the growth of Preimplantation Genetic Diagnosis Market. The advent of next-generation sequencing (NGS) is also contributing to the market growth. Furthermore, the growing prevalence of gene-related disorders is further anticipated to augment the growth of Preimplantation Genetic Diagnosis Market. Additionally, growing awareness regarding genetic diagnosis of a specific gene mutation among healthcare workers is again anticipated to foster market growth. Also, increasing maternal age and growing incidence of aneuploidy is expected to uplift the market growth in the near future. Read more @ https://sachinbhombe.blogspot.com/2021/03/promising-fertility-rate-is-escalating.html

Overview: This webinar will provide up to date information about what constitutes blood borne pathogens from infectious materials, as well as other potentially infectious materials. The webinar will provide answers about how to prevent exposures, deal with spills or exposures should they occur, and the how to recognize the hazards of blood borne pathogens. A thorough description of the types of infections of concern for blood borne pathogens, how one might be exposed, the differences between blood born infections and other potentially infectious materials, methods for dealing with potential exposures or spills, and the requirements from OSHA to protect workers from exposure or to track exposures if they occur. Areas Covered in the Session: Infectious materials Other potentially infectious materials Prophylactic techniques that might be available Use of personal protective equipment Policies and procedures required by OSHA to protect workers Who Will Benefit: Safety Professionals Administrators Lab Workers Those who might be exposed to blood borne pathogens Speaker Profile Kenneth S. Weinberg is an independent consultant in environmental health and safety. Dr. Weinberg has consulted for several companies in the areas of OSHA Injury and Illness reporting, as well as auditing for OSHA inspections. He has worked as the Director of Safety at Mass. General Hospital in Boston for almost twelve years, and has written several books on the topics of health care safety, OSHA, and Indoor Air Quality. He has also written several articles for prominent national safety publications, and serves on the editorial advisory boards for safety publications. He Also has been Administrator of the Health Care Divisio0n of the American Society of Safety Engineers, and is a member of several panels that advice on safety related matters. Price : $139.00 Contact Info: MentorHealth Phone No: 1-800-385-1607 FaX: 302-288-6884 support@mentorhealth.com Event Link: http://bit.ly/Blood-B

Overview: Upon completing this course participants will leave with a preliminary preventive control implementation plan and will: * Understand US FDA final rules for the Preventive Controls for Human and Animal Foods * Define and review your current system to identify gaps in your preventive controls planning. * Be able to develop and implement a valid preventive control company food safety plan to close any gaps * Write and implement appropriate procedures. * Know your requirements for control over your supply chain * Be able to plan and implement HARPC * Be able to perform environmental monitoring * Know how cross contamination can impact your preventive control plan * Know the difference between validation and verification * Understand and be able to use statistical process controls basics * Be able to plan and implement a team approach to preventive controls * Be able to help your food importers to jump through FDA hoops * Develop a system to risk rank your suppliers * Have a plan in hand that will pass any validation check for preventive controls * Understand some of the technology and costs that can help you establish preventive controls * Prove that your system actually prevents food safety problems * Be able to document and report results to upper management, external food safety auditors and FDA auditors * Save your company money Establish simple, low cost complete data collection and reporting systems. * Establish teambuilding between food safety and quality personnel to develop and implement changes to your current system * Understand food safety, security and recall responsibilities in light of cargo theft, adulteration and temperature failures * Learn how to use your system to get some ROI and improve your marketing position * Review current and future technologies designed to improve and simplify data collection * Establish a completely documented system Why should you attend: Validation of preventive co

Overview: The objectives of this course will be to go over the specific risks associated with business associates as it relates to HIPAA compliance. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. Times have changed and unfortunately many businesses are losing clients or unable to get new clients due to problems with their compliance program or lack of a compliance program. I will demonstrate from real life audits conducted by the Federal government what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. States are being encouraged by the Federal government to implement new laws to remedy their citizens. Why should you Attend: Protect your business! Business associates are now required to comply directly with the HIPAA legislation! Many businesses are losing clients or unable to get clients because of compliance issues. We will be discussing the changes taking place in Washington DC with the Health and Human Services in relating to new risks business associates face under HIPAA. I will also be discussing factors might cause an unwanted visit or letter from the Office of Civil Rights and how to prepare for the audit and deal with the Feds Areas Covered in the Session: Updates for 2016 What to do if a client requires more than just a signed business associate agreement Fines Policy and Procedure Who Will Benefit: Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc) Speaker Profile Brian Tuttle is a Certified Professional in H