Group items tagged

Overview: The primary goal of this session is to demonstrate why the health care organization needs to perform a risk assessment and how to perform the risk assessment. This includes a description of the types of breaches of protected health information that have already occurred and the reasons those breaches happened. The presentation then provides that reasons that a risk assessment is required in a health care organization and who needs to perform the assessment. There are a number of approaches available both for purchase on the web and performed by professionals on site. This discussion helps the participant determine which approach is best for their health care organization and what portions of the assessment are most important to the organization. The topic addresses the key components of a risk assessment and how to perform the risk assessment. This includes how to define the specific risks, how to know, how to assess the likelihood and impact of the risk and the final determination on the level of severity of the risk for the organization. Finally, the session explains how to interpret the results of the risk assessment, how to use the results of the risk assessment for preparing the health care organization's policies and procedures and how to conduct the HIPAA training for its staff. Why should you attend: In addition to the negative publicity and potential fines, a breach of a patient's health information often leads to litigation which is also time consuming and costly. The way to avoid these situations is to perform a Risk Assessment to understand where the health care organization is risk of an unauthorized breach and provide a basis for becoming HIPAA compliant. There are three reasons why a Risk Assessment is necessary: First, both the HIPAA Privacy and Security Regulations require a Risk Assessment for the organization to be HIPAA compliant Second, as a result of the Risk Assessment the organization knows where it needs to address its effo

The emerging discipline of Hospitals Management Performance Assessments Over the past few years, Hospitals Management Performance Assessments have begun to gain acceptability and credence in healthcare circles. Hospitals Management Performance Assessments came into being as a result of a conscious effort by advanced countries, mainly European, with sufficient backing from the World Health Organization (WHO) to arrive at some sort of metrics to evaluate the critical functioning levels of hospitals. The topic of Hospitals Management Performance Assessments came to acquire proper shape and structure following the heavy reference the WHO made to this discipline at the WHO European Ministerial Conference on Health Systems of June 2008. The following year, it found resonance again, when it was the theme of the World Health Day. The evaluation of Hospitals Management Performance Assessments Hospitals Management Performance Assessments started to evolve primarily to provide healthcare professionals with a tool to diagnose the quality of performance of the hospitals and other healthcare settings they work in. It was felt, over time and experience, that when strict appraisals were being made in many areas of healthcare, a set of parameters to assess the level of efficiency of hospitals would go a long way in ensuring the implementation of enhanced processes, leading to better patient outcomes. Areas of concentration for Hospitals Management Performance Assessments The core disciplines in which Hospitals Management Performance Assessments sought to bring about measurable and verifiable improvements were: The PATH approach As a result of discussions and deliberations the WHO held with many countries, primarily European, a path for charting out the course of Hospitals Management Performance Assessments was concretized in the form of what the WHO called the PATH - the Performance Assessment Tool for Quality Improvement in Hospitals. A brief understanding of PATH PATH

HIPAA Enforcement trends : Health Insurance Portability and Accountability Act (HIPAA) is a legislation of the American Congress. HIPAA enforcement consists of taking steps to confirm that rules set out in HIPAA are being complied with by the requisite entities. Primarily passed with the intention of ensuring that employees do not lose their health insurance benefits when they change or leave their current jobs; this 1996 law also has the protection and security of Protected Health Information (PHI) as one of its chief aims. The Office of Civil Rights (OCR), which enforces actions relating to HIPAA, imposes harsh penalties on healthcare organizations and Business Associates and Covered Entities that are proven to be in noncompliance of HIPAA requirements. What are HIPAA enforcement actions? The actions that the OCR takes to ensure implementation of HIPAA provisions constitute the essence of HIPAA enforcement actions. There are a good number of areas which the OCR can cite as constituting cases of HIPAA violations or noncompliance. A look at recent HIPAA enforcement actions point to a trend. These trends serve as an indicator of what to expect from HIPAA enforcement actions, which will help entities get some idea of what they should implement and what they should not and thus prevent being cited by the OCR. Security risk assessments are the foremost element of HIPAA enforcement actions: A look at recent trends suggests that HIPAA enforcement actions mainly target security risk assessments. This leads to harsh penalties, as happened in the case of New York-Presbyterian Hospital (NYP). The hefty $ 4.8 million penalty slapped in 2014 on this hospital was for data breach caused by insufficient security risk assessment. While this is the biggest sum fined; the OCR issued at least three other hospitals for putting in place inadequate security risk assessments in 2014. Risk management comes a close second: If inadequate security risk assessments come first in te

Course "HIPAA Security & Privacy Official - Roles and Responsibilities" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Being the HIPAA Security and Privacy Official involves not only ensuring you know the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your HIPAA Security and Privacy Official needs to understand what all the HIPAA requirements are or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive seminar. Why you should attend: The HIPAA Security and Privacy Official is the backbone of any organization's compliance program. Often times this role is assigned as collateral duty in smaller organizations. Regardless the size of an organization, the HIPAA Security and Privacy Official must know all the requirements for compliance. This is a critical element of the position. Attendees will leave the course clearly understanding the role and all the requirements as the designated as a HIPAA Security and Privacy Official. This seminar will cover reviews, creation, and amending policy and procedure. After completing this course, a HIPAA Security and Privacy Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? The Role and Responsibilities of the HIPAA Security and Privacy Official Complying with HIPAA Requirements? What are the HIPAA Security

Course "HIPAA - Putting an Organizational Compliance Program in Place" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive 2 day training course. Why you should attend With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session * Why was HIPAA created? * What is HITECH and the Omnibus Rule? * Who Must Comply with HIPAA Requirements? * What are the HIPAA Security and Privacy Rules? * What is a HIPAA Compliance Program? * What is a HIPAA Risk Management Plan? * What is meant by

Course "HIPAA - Putting an Organizational Compliance Program in Place" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive 2 day training course. Why you should attend: With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: · Why was HIPAA created? · What is HITECH and the Omnibus Rule? · Who Must Comply with HIPAA Requirements? · What are the HIPAA Security and Privacy Rules? · What i

Course "New HIPAA Audit and Enforcement Activities: Being Prepared to Show your Compliance " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: We will be discussing the history and evolution of HIPAA Privacy/Security and the major points you need to understand to proactively protect your practice or business from the imminent federal auditing process: * History of HIPAA * HITECH * HIPAA Omnibus Rule * How to perform a HIPAA Security Risk Assessment * What is involved in a Federal audit and how is it conducted * Risk factors for a federal audit * How to avoid a Federal audit * Business Associates and HIPAA audits * EHR and HIPAA * Business Continuity/Disaster Recovery Planning * Assessing your contractors and sub-contractors * In depth discussions on IT down to the nuts and bolts * Risk factors that can cause an audit (low hanging fruit) * New rules which grant states ability to sue citing HIPAA on behalf of a patient * New funding measures Why should you attend : The evolutions of this enigmatic law and how what was once relative benign in terms of enforcement is now fully funded and aggressive. Learn what you can do to be prepared for an audit and how to lower risks of ever being audited. It is absolutely imperative that you are proactive and not reactive with your compliance program, this is a necessary evil and you need to protect your practice or your business and limit risks from the imminent Federal audits. Join me in keeping up with this very confusing law and take advantage of all the templates and information provided as part of the seminar. Areas Covered in the Session: * HIPAA -Brief History * HIPAA Privacy Rule vs HIPAA Security Rule * HITECH Act * Breach Notification Rule * Omnibus Rule and audits * Business Associates and audits * Current Court Cases (precedence) * Paper Based PHI Concerns and how to lower risk

Course "HIPAA for the Compliance Officer" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: I will be going into great detail regarding you practice or business and how it relates to the HIPAA Security/Privacy Rule, Areas covered will be history of HIPAA, privacy vs security, business associates, changes for 2016, audit process, paper based PHI, HIPAA and suing, texting, email, encryption, medical messaging, voice data and much, much, more I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition, this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why you should attend: This lesson will be addressing how practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2016. There are an enormous amount of issues and risks for covered entities and business associates these days. I will speak on specific experiences from over 17 years of experience in working as an outsourced compliance auditor, expert witness on HIPAA cases, and thoroughly explain how patients are now able to get cash remedies for wrongful disclosures of private health information. More im

Overview: Final regulations for the new HIPAA Breach Notification Rule require much more than notifying individuals affected by a Breach of their Protected Health Information (PHI). Covered Entities and Business Associates first must follow and document a very specific process to determine if a Breach occurred. If no Breach occurred documentary proof must be kept for six years. If a Breach did occur timely notifications and other actions must be undertaken and documented. This webinar will explain: What Covered Entities and Business Associates must do to comply with the Breach Notification Rule What is and is not a Breach Three exceptions - when an acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is not a Breach How to perform a Breach Risk Assessment to determine if you can demonstrate a a low probability that the PHI was compromised Who must be notified in case of a Breach When notifications must be provided What information must be contained in each notification Other requirements in case of a Breach Investigate Mitigate harm to affected individuals Protect against further Breaches Document everything Planning and preparation for the worst - public relations and mitigation strategies to limit damage to the organization's reputation and financial well-being Why should you attend: Breaches and incidents that might be Breaches happen all the time! More than 173,000 separate breaches of Protected Health Information (PHI) affecting less than 500 individuals were reported to the U. S. Department of Health and Human Services (HHS) between September, 2009 and May 31, 2015 and in the same period HHS received approximately 1240 reports of PHI breaches that affected 500 or more individuals An acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is presumed to be a Breach unless it falls within an exception or the Covered Entity or Business Associate can demonstrate a low probability that the PHI was compromi

Overview: Participants will understand the importance of responding to the OCR pre-audit requests and how to respond. Our discussion will cover how to prepare for an anticipated OCR HIPAA privacy audit, by discussing how to conduct an internal self-assessment of your privacy program. We will discuss how to conduct the self-assessment, whether it be the need for policies, procedures or obtaining all of your business associates information. Why should you Attend: If you have received a request from the OCR to provide the name of your entities privacy official and additional criteria, you are already aware that you are on the OCR's radar and may be the focus of an audit. If you haven't received a request yet, anticipate receiving one soon. In addition to ensuring that your HIPAA program is audit ready, you also need to ensure that you know all of your business associates and have their information readily available to provide to the OCR. Your entity needs to be ready now, as the OCR will either conduct focused desk audits, on-site audits or both in effort to review documentation of evidence of your compliance with the HIPAA regulation. Areas Covered in the Session: Office of Civil Rights "OCR" requests for privacy official and additional information and timeline for response Internal assessment criteria of privacy program in anticipation of an OCR audit Conducting the assessment using the template based upon HIPAA regulations Discuss methods to address any found deficiencies Workforce training Who Will Benefit: Healthcare providers Compliance and Internal Audit professionals or office staff responsible for ensuring patient privacy Healthcare Administrators Business Associates and all HIPAA Covered Entities Speaker Profile Gail Madison Brown is a registered nurse and an attorney with over 25 years of experience in health care. For the last 15 years she has focused on health care compliance and revenue cycle management operations. Gail's experience ranges

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the understanding the fundamentals of a HIPAA compliance. If your healthcare practice, business, or organization needs to understand what is required to protect health records or make sure your current safeguards are adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: With a substantial increase HIPAA data breaches, organizations must understand the requirements to safeguard protected health information. Attendees will leave the course clearly understanding of all the requirements that must be in place for protecting the health records their organizations maintain, create, transmit, or store. After completing this course, a Covered Entity or Business Associate will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements? What is a HIPAA data breach and what happens if it occurs? What are the penalties and fines for non-compliance and how to avoid them? Creating a Culture of Compliance Questions Who Will Benefit: Compliance Of

Overview: Section 13411 of the Health Information Technology for Economic and Clinical Health (HITECH) Act, requires Health and Human Services (HHS) to conduct periodic audits of providers and business associates to ensure their compliance with the HIPAA Security and Privacy Rule, and breach notification standards. To implement this mandate, the Office of Civil Rights (OCR) has conducted HIPAA/HITECH audit program with KPMG of 115 health care organizations to assess privacy and security compliance. This webinar will focus on the implementation and tracking of HIPAA audit best practices in a healthcare setup in order to prepare for the federal audit using published OCR audit protocols. Every audit begins with interviews, a questionnaire, and a thorough policy and procedures review. Presenter, with his decades of knowledge in the compliance, legal, auditing and security areas, will walk the attendees through the audit process, documentation requirements, and implementation specifications of the HIPAA privacy, security and breach rules. This presentation not only provides opportunity for the participants to prepare for the federal HIPAA audit but also to improve the security posture of their organizations by adopting to changing technology (mobile, social media, Health Information Exchange(HIE), cloud services, etc.) and threat landscape perspective as well. This presentation will uncover reasons why many health information breaches are occurring and help organizations better secure and comply with electronic protected health information by meeting the required and addressable HIPAA/HITECH security rules. The presenter will also share the best practices used for HIPAA security implementation and continuous risk assessment which is considered as "due diligence" by auditors for the HIPAA security compliance program. Areas Covered in the Session: Healthcare Technology Adoption/Trends Healthcare Regulatory (HIPAA/HITECH) and OCR/HHS Audit Overview Differences between

Quality Assurance in Nursing Healthcare: Quality assurance in nursing is about assuring quality in nursing by ensuring that practices are compliant with quality standards. This is a full-fledged profession with its own educational and experience requirements. Quality assurance in nursing has to be understood from the standpoint of quality assurance and compliance. Quality assurance in nursing is about ensuring adherence to quality standards as mandated by nursing regulatory bodies. Quality assurance in nursing assesses what healthcare processes are in place and what else needs to be implemented to better the system. Where do quality assurance nurses work? Professionals who make a career out of quality assurance in nursing are employed in various healthcare settings. They could work in clinics or small or large hospitals. Professionals who make a career in quality assurance in nursing are licensed registered nurses. Since they are registered nurses, they should also obtain a licentiate. To get this, they should complete a prerequisite approved nursing program. The exam for getting licensure is the National Council Licensure Examination for Registered Nurses (NCLEX-RN), a computer-based examination. A higher level of education for those in quality assurance in nursing is a master's degrees inhealth care quality or a near degree. In some healthcare organizations, this is required at entry level. Some of the works they do in maintaining quality assurance in nursing include: Reviewing reports or files to make sure that activities contained in them are following regulatory clinical standards Collaborating with colleagues from other departments to which nursing is related either directly or indirectly Interacting with other hospitals or organizations, if the need arises For professionals pursuing a career in quality assurance in nursing, the ability to analyze data and manage cases is a must, as a major part of their work involves these. They should also be prompt abou

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to taken to mitigate risk. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements? What is a HIPAA data breach and what happens if it occurs? What are the penalties and fines for non-compliance and how to avoid them? Creating a Culture of Compliance Questions Who Will Benefit: Com

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the understanding the fundamentals of a HIPAA and how you will be required to demonstrate your organization's compliance program. If your healthcare practice, business, or organization needs to understand how to be prepared for an increase in HIPAA enforcement and make sure your current safeguards are adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: BAll most 120,000,000 individuals were affected by HIPAA data breaches in 2015. This is a significant reason why Congress has inquired about the recent and very sizeable increases in cyber-attacks that inflect the risk of medical identity theft. The HHS Office for Civil Rights not only are conducting audits but is looking to increase HIPAA enforcement. Attendees will leave the course clearly understanding of all the requirements that must be in place for HIPAA and how to demonstrate compliance if audited. After completing this course, a Covered Entity or Business Associate will be able to know what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? What are the HIPAA Security and Privacy Rules? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirement

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your organization needs to understand the role of the HIPAA Security Official, the requirements, and make sure the current compliance program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: The role of the HIPAA Security Official is critically important in complying with the HIPAA Security Rule. Besides being responsible for many of the daily operations within an organization, the Security Official is tasked with managing the HIPAA compliance program. Knowing what is required is part of the Security Official's duties. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure on organization has the proper policies and procedures in place. After completing this course, a HIPAA Security Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Asses

Overview: As defined by the Health Information Portability and Accountability Act (HIPAA), a Business Associate can be any organization or person working in association with or providing services to a Covered Entity who handles or discloses Protected Health Information (PHI) or Personal Health Records (PHR). With certain exceptions, a person or entity that creates, receives, maintains, or transmits PHI for a function or activity regulated by the HIPAA Privacy Rule for a Covered Entity is a Business Associate. The HITECH Act, a recent update made to overall HIPAA regulations require Business Associates to comply with HIPAA mandates regarding the handling and use of health information. As a Business Associate you must comply with a wide-range of regulatory obligations, including certain privacy obligations, security standards, and breach notification requirements. If your business needs to understand what it means to be a Business Associate and know what required safeguards, policies and procedures must be in place or make sure your current compliance program is adequate and can withstand government scrutiny, please join us for this informative and interactive session. Why should you Attend: There is a lot of confusion about the role and requirements of being a Business Associate. Organizations must be prepared prior to entering into these contracts for services as a vendor and subcontractor. Attendees will leave the course clearly understanding of all the requirements that must be in place for the Business Associate - Covered Entity arrangement. After completing this course, a Business Associate will have a clear understanding as to what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What are the Consequences of being a Business Associate What is a HIPAA Compliance Program? What is a HIPAA Risk Mana

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice or office manager needs to understand what all the HIPAA requirements are or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive course.  Why should you Attend: The practice or office manager is the backbone of any healthcare office. Besides being responsible for many of the daily operations within an office, the practice manager is often tasked with managing the HIPAA compliance program. Knowing what is required is critically important.  Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure the practice has the proper policies and procedures in place. After completing this course, a practice or office manager will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations.  Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security and Privacy Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements?

Health Information Security Compliance: Health information security compliance requirements from HIPAA keep risk management at the core. These requirements also have other guidelines. Health information security compliance is a vital requirement for healthcare providers. Healthcare professionals have to ensure security and privacy of Protected Health Information (PHI) and Electronic Protected Health Information (ePHI), which are part of Electronic Health Records (EHR). The guidelines, rules and requirements are mandated by HIPAA, which is in charge of ensuring that there is privacy and security of health information. Challenges associated with health information security compliance The very fact that a lot of health information is stored in electronic records makes health information security compliance all the more challenging. The way in which information flows between various players in the sector is also a factor: shared computers and information sharing with third party associates like laboratories and billers. If a healthcare organization is not compliant with health information security, it could be held indirectly responsible for issues arising out of these. HIPAA has regulations and guidelines on how providers can keep PHI and ePHI. It suggests and strongly recommends risk analysis as the basis for health information security compliance. These are set out in the Meaningful Use requirements. Some of risk analysis methods include or relate to the following: The provider's EHR software and hardware Assessment of whether the provider's practice protocols are adequate Risk assessment of the provider's physical setting and environment Risk assessment relating to staff education and training A thorough examination of EHR access controls Risk management relating to contracts with the provider's Business Associates The healthcare provider's practices in relation to patient relations and communications Physical measures for ensuring health information security c

Overview: The connection between the Body, its physiology and particularly biochemistry, have been linked to the mind with particular emphasis upon emotions and stress. This can be easily substantiated in common everyday situations. Anyone who has observed a facial red flush triggered by some sort of embarrassment can attest to the foregoing connection. The emotions and stress play a key role in many if not all diseases and disorders: due to the vastness of the subject, we will focus on the application of the mind/body connection(MBC) to skin. This serves as an introduction to the field of psych dermatology which, although still in its infancy in the USA, is expanding as evidence with regard to the psychological component related to the etiology of skin diseases continues to grow. Concurrently, the field of Alternative techniques IN mind/body treatments continue to grow in leaps and bounds providing effective methods for integration with conventional cosmetic and dermaceutical treatment. This provides a dual complimentary pathway both for prevention and treatment of any/most skin disorders. Expanding on this model, we have already shown how the mind influences the body as per the above example. This general proposition can be extended to include specific skin disorders such as acne rosacea psoriasis eczema and atopic dermatitis to name a few. We will concentrate on Acne for the sake of this discussion. First, focusing on the B component of the BMC model, the primary lesion associated with acne is the formation microcomodones, which are small enough to proceed undetected until larger comodones appear later in the cycle. The latter cycle is initiated by peroxidation of squalene and unsaturated fatty acids present in human sebum. This leads to the foregoing lesions and pro- inflammatory mediators such as cytokines and interleukins followed by an increase of p.acnes on the epithelial cell wall together with increased film formation of the p.acnes is the same area This