Group items tagged

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analys

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analy

Overview: Mental health care practitioners work in today's diverse, fast-changing, multidisciplinary health care environment. Nowhere but in mental health is there such diversity of clinicians who provide the same or similar services of counseling and therapy. A potential client has a wide choice of mental health providers from whom to choose. Yet each individual mental health profession has a unique education, training, and experience requirement for practice. While similarities exist, requirements differ from state to state and even from profession to profession with a single state. What are these requirements and how do they apply? The state's authority and power over mental health practitioners often presents challenges to these mental health professionals that are not easy to navigate. Differing sources of legal and ethical authority govern each respective health care practitioner in ways that are similar but not the same. Ethics and law are similar, but not the same. All mental health practitioners must adhere to standards of state law which govern their professional practices, including the very core of the doctor-patient relationship. Codes of ethics and state law may both apply to govern the conduct of this clinician. Even some state laws are referred to as ethical codes. Complaints as to alleged misconduct or ethical failings are received and investigated by a state agency and leave the mental health practitioner with an uncertain process to handle and to defend the state action against them. With this background, this seminar empowers the full understanding and application of ethics and laws for mental health practitioners. Learn to identify and understand an ethical framework for a sound mental health practice. An ethical framework is essential to having the right perspective to examine mental health dilemmas. Compare and contrast regulatory laws and codes of ethics to understand their differing applicability. Know the difference between laws and ethics,

Overview: Today's educated professionals function in a maze of different educational and training requirements, which vary from state to state and from profession to profession. Nowhere than in health care is this more evident where multidisciplinary health care practitioners work together towards a common goal for the patient. What is a profession? What areas of work require the unique professional education, training, and experience that becomes mandated by the state? What work requires professional judgment and skill so as to be regulated by the government through mandatory laws applicable to an individual person practicing his or her chosen profession? State laws are enacted for the protection of the public by legislatures in all the fifty states. A list of individual professions and their applicable statues and administrative regulations takes up entire volumes of lawbooks. These state laws impose significant regulation on these professionals, and often in very different ways found in many aspects of state regulation, from the educational process, the examination requirements, the state licensure applications, and the legal standards and rules of each unique profession. Explore how state licensure boards are created and function at the state level. While most such state agencies have common, core functions and operations, there are many differences - and some requirements that are truly the opposite from profession to profession. Review the common requirements the state imposes on the health care provider. Know the basics of professional education and licensure. Understand the difference between legally binding laws and mere codes of ethics, which are aspirational and do not form the basis for legal action. Find out how to understand and navigate the challenges presented from differing and conflicting state laws governing the many health care professions. Know where key requirements exist that are common to many professions. This program

Overview: Today's educated professionals function in a maze of different educational and training requirements, which vary from state to state and from profession to profession. Nowhere than in health care is this more evident where multidisciplinary health care practitioners work together towards a common goal for the patient. What is a profession? What areas of work require the unique professional education, training, and experience that becomes mandated by the state? What work requires professional judgment and skill so as to be regulated by the government through mandatory laws applicable to an individual person practicing his or her chosen profession? State laws are enacted for the protection of the public by legislatures in all the fifty states. A list of individual professions and their applicable statues and administrative regulations takes up entire volumes of lawbooks. These state laws impose significant regulation on these professionals, and often in very different ways found in many aspects of state regulation, from the educational process, the examination requirements, the state licensure applications, and the legal standards and rules of each unique profession. Explore how state licensure boards are created and function at the state level. While most such state agencies have common, core functions and operations, there are many differences - and some requirements that are truly the opposite from profession to profession. Review the common requirements the state imposes on the health care provider. Know the basics of professional education and licensure. Understand the difference between legally binding laws and mere codes of ethics, which are aspirational and do not form the basis for legal action. Find out how to understand and navigate the challenges presented from differing and conflicting state laws governing the many health care professions. Know where key requirements exist that are common to many professions. This program

Overview: Final regulations for the new HIPAA Breach Notification Rule require much more than notifying individuals affected by a Breach of their Protected Health Information (PHI). Covered Entities and Business Associates first must follow and document a very specific process to determine if a Breach occurred. If no Breach occurred documentary proof must be kept for six years. If a Breach did occur timely notifications and other actions must be undertaken and documented. This webinar will explain: What Covered Entities and Business Associates must do to comply with the Breach Notification Rule What is and is not a Breach Three exceptions - when an acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is not a Breach How to perform a Breach Risk Assessment to determine if you can demonstrate a a low probability that the PHI was compromised Who must be notified in case of a Breach When notifications must be provided What information must be contained in each notification Other requirements in case of a Breach Investigate Mitigate harm to affected individuals Protect against further Breaches Document everything Planning and preparation for the worst - public relations and mitigation strategies to limit damage to the organization's reputation and financial well-being Why should you attend: Breaches and incidents that might be Breaches happen all the time! More than 173,000 separate breaches of Protected Health Information (PHI) affecting less than 500 individuals were reported to the U. S. Department of Health and Human Services (HHS) between September, 2009 and May 31, 2015 and in the same period HHS received approximately 1240 reports of PHI breaches that affected 500 or more individuals An acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is presumed to be a Breach unless it falls within an exception or the Covered Entity or Business Associate can demonstrate a low probability that the PHI was compromi

Overview: As defined by the Health Information Portability and Accountability Act (HIPAA), a Business Associate can be any organization or person working in association with or providing services to a Covered Entity who handles or discloses Protected Health Information (PHI) or Personal Health Records (PHR). With certain exceptions, a person or entity that creates, receives, maintains, or transmits PHI for a function or activity regulated by the HIPAA Privacy Rule for a Covered Entity is a Business Associate. The HITECH Act, a recent update made to overall HIPAA regulations require Business Associates to comply with HIPAA mandates regarding the handling and use of health information. As a Business Associate you must comply with a wide-range of regulatory obligations, including certain privacy obligations, security standards, and breach notification requirements. If your business needs to understand what it means to be a Business Associate and know what required safeguards, policies and procedures must be in place or make sure your current compliance program is adequate and can withstand government scrutiny, please join us for this informative and interactive session. Why should you Attend: There is a lot of confusion about the role and requirements of being a Business Associate. Organizations must be prepared prior to entering into these contracts for services as a vendor and subcontractor. Attendees will leave the course clearly understanding of all the requirements that must be in place for the Business Associate - Covered Entity arrangement. After completing this course, a Business Associate will have a clear understanding as to what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What are the Consequences of being a Business Associate What is a HIPAA Compliance Program? What is a HIPAA Risk Mana

Overview: One of the major requirements of the health care organization to be HIPAA compliant is to develop and implement a set of HIPAA privacy and security policies and procedures. This can be a daunting task for those not knowing where to start and what a set of HIPAA privacy and security policies and procedures should look like. For the cost conscious health care organization, the HIPAA policies and procedures can have multiple uses: first, they can become a basis for training the health care organization workforce; second, they can be used as a basis for conducting a HIPAA self-assessment; and third, they can be used to demonstrate due diligence should there be a breach or an externalHIPAA compliance audit. In today's world it is not necessary that the health care organization spend significant funds to develop a set of HIPAA privacy and security policies and procedures from scratch. The health care organization can likely find templates on the internet that can be used as a starting point to customize HIPAA policies and procedures to be unique for the health care organization. The preparation of a well-documented set of HIPAA policies and procedures needs to be addressed through the development of Privacy and Security policies and procedures that address each of the requirements shown in the HIPAA regulations as amended by the HITECH law and the final Omnibus Regulations. The process of developing the HIPAA privacy and security policies and procedures also provides a reference for the health care organization how to consider the security addressable and required regulation requirements. Why should you attend: There are three situations where having a set of HIPAA policies and procedures are needed: First, the policies and procedures become a good reference to ensure that all areas are addressed for becoming HIPAA compliant. Second, the HIPAA regulations REQUIRE covered entities and business associates to have a set of policies and procedures directing

Overview: One of the major requirements of the health care organization to be HIPAA compliant is to develop and implement a set of HIPAA privacy and security policies and procedures. This can be a daunting task for those not knowing where to start and what a set of HIPAA privacy and security policies and procedures should look like. For the cost conscious health care organization, the HIPAA policies and procedures can have multiple uses: first, they can become a basis for training the health care organization workforce; second, they can be used as a basis for conducting a HIPAA self-assessment; and third, they can be used to demonstrate due diligence should there be a breach or an externalHIPAA compliance audit. In today's world it is not necessary that the health care organization spend significant funds to develop a set of HIPAA privacy and security policies and procedures from scratch. The health care organization can likely find templates on the internet that can be used as a starting point to customize HIPAA policies and procedures to be unique for the health care organization. The preparation of a well-documented set of HIPAA policies and procedures needs to be addressed through the development of Privacy and Security policies and procedures that address each of the requirements shown in the HIPAA regulations as amended by the HITECH law and the final Omnibus Regulations. The process of developing the HIPAA privacy and security policies and procedures also provides a reference for the health care organization how to consider the security addressable and required regulation requirements. Why should you attend: There are three situations where having a set of HIPAA policies and procedures are needed: First, the policies and procedures become a good reference to ensure that all areas are addressed for becoming HIPAA compliant. Second, the HIPAA regulations REQUIRE covered entities and business associates to have a set of policies and procedures directing t

Overview: The primary goal of this session is to demonstrate why the health care organization needs to perform a risk assessment and how to perform the risk assessment. This includes a description of the types of breaches of protected health information that have already occurred and the reasons those breaches happened. The presentation then provides that reasons that a risk assessment is required in a health care organization and who needs to perform the assessment. There are a number of approaches available both for purchase on the web and performed by professionals on site. This discussion helps the participant determine which approach is best for their health care organization and what portions of the assessment are most important to the organization. The topic addresses the key components of a risk assessment and how to perform the risk assessment. This includes how to define the specific risks, how to know, how to assess the likelihood and impact of the risk and the final determination on the level of severity of the risk for the organization. Finally, the session explains how to interpret the results of the risk assessment, how to use the results of the risk assessment for preparing the health care organization's policies and procedures and how to conduct the HIPAA training for its staff. Why should you attend: In addition to the negative publicity and potential fines, a breach of a patient's health information often leads to litigation which is also time consuming and costly. The way to avoid these situations is to perform a Risk Assessment to understand where the health care organization is risk of an unauthorized breach and provide a basis for becoming HIPAA compliant. There are three reasons why a Risk Assessment is necessary: First, both the HIPAA Privacy and Security Regulations require a Risk Assessment for the organization to be HIPAA compliant Second, as a result of the Risk Assessment the organization knows where it needs to address its effo

When movement is impaired by injury or a chronic health condition, a transport wheelchair can help regain some of the mobility. The traditional or standard weight transport wheelchair has two large rear wheels and a pair of smaller wheels in the front. Advances in design and materials have made different models available to suit different needs. Lightweight transport wheelchairs made of light but sturdy aluminum are a good choice for more active individuals, as well as for people who take frequent trips from home. when the wheelchair will need to be folded and more easily lifted and stowed in a car trunk. A transport chair solves limited mobility issues without the need to use a traditional wheelchair that is heavy and hard to collapse and put in a car. A transport chair typically has four small wheels, two in the front and two in the rear. Lightweight wheelchairs are effortlessly carried up and down stairs due to their ultra light nature and portability, making them the perfect choice for those who do not require a wheelchair at all times. The chair can be simply folded and stored until required. Travelling by car, coach or plane is made simple and the practicality of a wheelchair that is easily manoeuvred and stored makes everyday life uncomplicated and stress free. Choosing the right wheelchair that meets every personal requirement is an important decision for all wheelchair users. They offer a wealth of benefits as well as a wheelchair that is durable and adaptable, with numerous opportunities to be personalised to meet each individual need. Lightweight transport wheelchair mobility chairs feature adjustable frames, which allow to change the angle of the seat back to achieve several different seating positions. Lightweight wheelchairs with desk-length armrests enable users to sit closer to a table or desk; while, full-length armrests provide complete support of the arms. Karma KM 2500 L Big Wheel Wheelchair: Karma KM 2500 L Wheelchair Specifications:

Overview: The connection between the Body, its physiology and particularly biochemistry, have been linked to the mind with particular emphasis upon emotions and stress. This can be easily substantiated in common everyday situations. Anyone who has observed a facial red flush triggered by some sort of embarrassment can attest to the foregoing connection. The emotions and stress play a key role in many if not all diseases and disorders: due to the vastness of the subject, we will focus on the application of the mind/body connection(MBC) to skin. This serves as an introduction to the field of psych dermatology which, although still in its infancy in the USA, is expanding as evidence with regard to the psychological component related to the etiology of skin diseases continues to grow. Concurrently, the field of Alternative techniques IN mind/body treatments continue to grow in leaps and bounds providing effective methods for integration with conventional cosmetic and dermaceutical treatment. This provides a dual complimentary pathway both for prevention and treatment of any/most skin disorders. Expanding on this model, we have already shown how the mind influences the body as per the above example. This general proposition can be extended to include specific skin disorders such as acne rosacea psoriasis eczema and atopic dermatitis to name a few. We will concentrate on Acne for the sake of this discussion. First, focusing on the B component of the BMC model, the primary lesion associated with acne is the formation microcomodones, which are small enough to proceed undetected until larger comodones appear later in the cycle. The latter cycle is initiated by peroxidation of squalene and unsaturated fatty acids present in human sebum. This leads to the foregoing lesions and pro- inflammatory mediators such as cytokines and interleukins followed by an increase of p.acnes on the epithelial cell wall together with increased film formation of the p.acnes is the same area This

Overview: Remember spaghetti code? The HIPAA breach area is now almost as convoluted and overlapping and confusing as spaghetti code. Sometimes you think you are both coming and going at the same time when you think through an event to determine if your organization has had a breach. For example: Is a security incident always a beach? Is an ePHI breach a security incident as well? Is a cybersecurity event always a breach? What if it does not steal any clinical information, diagnoses or procedures information, or any payment information? A security incident? Or both? Are all the necessary kinds of notice in the Breach rule? What is Cybersecurity Insurance? Is it really the finger in the dike or itself full of Swiss cheese? Can the loss of patient or member data be a HIPAA breach and identity theft plus a fraud issue? Why should you Attend: HIPAA breaches now number in the multiple thousands, if not multiple millions. Your organization needs to be prepared for the initial sense of panic, a complete investigation, and the federal, state and reputational costs of a mega breach. A breach now costs in money approximately $225/record. And this does not include any fine of any type. The loss and theft of 1000 records may cost you organization from a quarter to $1 M, or more, and 6 months to a year to resolve. You need to know the basics of what PHI and ePHI really are; what puts the event into the breach safe harbor, what breach exceptions keeps the event out of OCR's hands, what the 4 factors are and how they are used. You need to know that your organization's breach plan and your policies and procedures include the need to notify when necessary the police, the FBI and other state and federal organizations beyond the Office for Civil Rights. Your organization needs to know how to protect itself after the fact by considering Cybersecurity Insurance. Areas Covered in the Session: Definition and reporting of a Security Incident Definition of a breach Breach Guidance Br