Group items tagged

Course "Effective and Efficient Internal and Supplier Quality System Auditing for Medical Devices" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Do you want to understand how to do efficient and effective internal and supplier audits that meet all the requirements of your external auditors, but also add value to your company? Are you confused by all the requirements and guidance documents for medical device quality management systems and are tired of wading through all the regulatory language they contain. This course is for those who will do internal or supplier audits, manage an audit process for these or other company audits. This course will provide you with an easy to understand presentation on the auditing process as well as the requirements you will need to audit under ISO 13485 and the FDA Quality System Regulation (cGMP) Both FDA Quality System Regulation (QSR) and ISO 13485 require that companies do internal audits. However, because the FDA does not look at the content of internal audits, some companies do not get feedback on the true effectiveness of their internal audit system from the FDA during FDA Inspections. ISO 13485 auditors do look at internal audits, but are most concerned that you define a process that meets the requirements of the standard and are following your process. Both require that you define Auditor training is required, but this sometimes just requires reading the company's procedure, although most external auditors will look for more than this. Do you need to train new auditors for yours medical device quality management system or to audit your suppliers? Or do you need to improve the training of your internal and supplier auditors so that they add value to these audits? If you need to do either of these, this seminar will provide this training. In addition to auditing skills and hands-on auditing exercises, this seminar will provide an ove

Overview: Upon completing this course participants will leave with a preliminary preventive control implementation plan and will: * Understand US FDA final rules for the Preventive Controls for Human and Animal Foods * Define and review your current system to identify gaps in your preventive controls planning. * Be able to develop and implement a valid preventive control company food safety plan to close any gaps * Write and implement appropriate procedures. * Know your requirements for control over your supply chain * Be able to plan and implement HARPC * Be able to perform environmental monitoring * Know how cross contamination can impact your preventive control plan * Know the difference between validation and verification * Understand and be able to use statistical process controls basics * Be able to plan and implement a team approach to preventive controls * Be able to help your food importers to jump through FDA hoops * Develop a system to risk rank your suppliers * Have a plan in hand that will pass any validation check for preventive controls * Understand some of the technology and costs that can help you establish preventive controls * Prove that your system actually prevents food safety problems * Be able to document and report results to upper management, external food safety auditors and FDA auditors * Save your company money Establish simple, low cost complete data collection and reporting systems. * Establish teambuilding between food safety and quality personnel to develop and implement changes to your current system * Understand food safety, security and recall responsibilities in light of cargo theft, adulteration and temperature failures * Learn how to use your system to get some ROI and improve your marketing position * Review current and future technologies designed to improve and simplify data collection * Establish a completely documented system Why should you attend: Validation of preventive co

Course "Supplier Management for Medical Device Manufacturers" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Supplier selection and management is one of the critical issues for medical device manufacturers. Suppliers provide materials and services to the device manufacturer, which means that they can be critical to performance and delivery of your device. Neither the FDA nor your notified body regulates your suppliers (with a few exceptions). They expect you to have an effective process to ensure your suppliers perform in the regulatory environment. How well do you understand the requirements for supplier management? Could you pass a regulatory audit or inspection without any issues? This course delivers the tools, templates, and methods to help participants implement an effective and efficient supplier management program. This two-day hands-on course provides a clear understanding of the underlying principles of supplier management. The course uses exercises to solidify understanding. In addition, the course uses FDA Warning Letters to illustrate the points and help you learn from others. As part of the practical implementation, the course includes receiving acceptance activities, outsourced processes, process validation at the suppliers' location, supplier auditing techniques, and supplier issues in management review. The course uses the Global Harmonization Task Force (GHTF) framework, but expands it to cover other issues and techniques important in effective implementation. Why should you attend: Since FDA regulations do not allow them to audit your suppliers unless they make finished medical devices, they require that you have sufficient control over them. But from time to time the FDA makes a reinterpretation of what this means. This happened within the last f 5 years, so if you supplier management program is older than that, you need to make major changes in you supp

Overview: Essentially, covering in 90 minutes the basics of E everything that applies to your clinical work. We will give you the questions to ask your IT people, because you should not implicitly trust them, because the law will hold you accountable more than them. We will first cover the general principles of electronic compliances as laid forth in HIPAA. We will then discuss how this applies to your desktop/laptop/iPads and smart devices, other electronic equipment such as routers and modems. We also cover the use of email, secure mail and your EHR/EMR. We will discuss the pros and cons of using the cloud for your data storage and EHR/EMR, i.e. knowing what a HIPAA compliant data center looks like. Principles in the use of encryption and passwords and other security principles will also be covered. Why should you Attend: Unless you are 100% sure you've thought through every angle of your patient's electronic PHI and you sleep like a baby never concerned about this then you need to attend. If you have any questions about the details of what electronic compliance looks like and how it's applied in day-to-day clinical and business activities, interactions with vendors, EHR/EMR, your relationship with your ISP and IT providers, use of all electronic devices, then this workshop is for you. It also gives you principles to apply in new situations which are likely to arise frequently. If you wrote the book on this it would be out of date in 24 hours, so what's important is to learn how to think about these things and use your resources to stay ahead of the game. If you are confident you have the basics covered on every item listed below then this seminar is not for you. Areas Covered in the Session: HIPAA electronic compliance Secure use of EHR/EMR Email and secure mail use Encryption and password security principles Interfacing with the public Interfacing with vendors such as ISPs and other telecommunication companies Backups Cloud use How to know your data center

Overview: In this session we will discuss the HIPAA audit and enforcement programs and how they work, and discuss the areas that caused the most issues in prior audits. We will explore what kind of issues and what kind of entities had the most problems, and show where entities need to improve their compliance the most. We will also explore the typical risk issues that lead to breaches of health information and see how those issues may be a target for auditors in the new 2016 audits. We will review the contents of the HIPAA Audit Protocol used in 2012 to show what documentation needs to be on hand should your organization be selected for an audit in the new round. We will present methods for using the contents of the HIPAA Audit Protocol to build your own compliance plan by extracting and updating the contents and relating your compliance activities directly to the questions that might be asked. In this session we will discuss the HIPAA audit and enforcement regulations and processes, and how they apply to HIPAA covered entities and business associates. We will explain the enforcement regulations and the new, increased fines and new penalty levels, including new penalties for willful neglect of compliance that begin at $10,000. We will discuss what information and documentation must be prepared in advance so that you can be ready for an audit at any time, including sample information request forms and questions asked at prior audits. The session will also cover how to know if you may become the subject of an audit or enforcement action, and what you can do to help limit your exposure. We will discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement activity. The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to them) and how they will be audited will be explained. Documentation requirements for compliance will be explored and a framework of security policies necessary

Are you struggling with the fact that you really don't know anything about how to get into shape? If you're busy living in yesterday's errors, many of your decisions will be founded on guilt and shame instead of what you really want (and need) to accomplish to achieve your goals. Real change comes from day-to-day choices and becoming mindful and basing your choices on what you need now (rather than what you did or didn't do yesterday) will make your exercise life much more passable. What if I can offer you a solution that will help you to attain greatness, to become a success and learn about the best ways to get in shape? In this book, you will learn about: - Navigate the Astral Plane - MIRROR MADNESS - The Health Zen - Vitamin Vitality - Native American Healing - Boost your Health with Gua Sha - Beautiful Body Essential - Secret of Food Combination - Lose Weight Fasting - Child Diet - many other useful things!

Are you struggling with the fact that you really don't know anything about how to get into shape? If you're busy living in yesterday's errors, many of your decisions will be founded on guilt and shame instead of what you really want (and need) to accomplish to achieve your goals. Real change comes from day-to-day choices and becoming mindful and basing your choices on what you need now (rather than what you did or didn't do yesterday) will make your exercise life much more passable. What if I can offer you a solution that will help you to attain greatness, to become a success and learn about the best ways to get in shape? In this book, you will learn about: - Navigate the Astral Plane - MIRROR MADNESS - The Health Zen - Vitamin Vitality - Native American Healing - Boost your Health with Gua Sha - Beautiful Body Essential - Secret of Food Combination - Lose Weight Fasting - Child Diet - many other useful things!

Course "New HIPAA Audit and Enforcement Activities: Being Prepared to Show your Compliance " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: We will be discussing the history and evolution of HIPAA Privacy/Security and the major points you need to understand to proactively protect your practice or business from the imminent federal auditing process: * History of HIPAA * HITECH * HIPAA Omnibus Rule * How to perform a HIPAA Security Risk Assessment * What is involved in a Federal audit and how is it conducted * Risk factors for a federal audit * How to avoid a Federal audit * Business Associates and HIPAA audits * EHR and HIPAA * Business Continuity/Disaster Recovery Planning * Assessing your contractors and sub-contractors * In depth discussions on IT down to the nuts and bolts * Risk factors that can cause an audit (low hanging fruit) * New rules which grant states ability to sue citing HIPAA on behalf of a patient * New funding measures Why should you attend : The evolutions of this enigmatic law and how what was once relative benign in terms of enforcement is now fully funded and aggressive. Learn what you can do to be prepared for an audit and how to lower risks of ever being audited. It is absolutely imperative that you are proactive and not reactive with your compliance program, this is a necessary evil and you need to protect your practice or your business and limit risks from the imminent Federal audits. Join me in keeping up with this very confusing law and take advantage of all the templates and information provided as part of the seminar. Areas Covered in the Session: * HIPAA -Brief History * HIPAA Privacy Rule vs HIPAA Security Rule * HITECH Act * Breach Notification Rule * Omnibus Rule and audits * Business Associates and audits * Current Court Cases (precedence) * Paper Based PHI Concerns and how to lower risk

Overview: Participants will understand the importance of responding to the OCR pre-audit requests and how to respond. Our discussion will cover how to prepare for an anticipated OCR HIPAA privacy audit, by discussing how to conduct an internal self-assessment of your privacy program. We will discuss how to conduct the self-assessment, whether it be the need for policies, procedures or obtaining all of your business associates information. Why should you Attend: If you have received a request from the OCR to provide the name of your entities privacy official and additional criteria, you are already aware that you are on the OCR's radar and may be the focus of an audit. If you haven't received a request yet, anticipate receiving one soon. In addition to ensuring that your HIPAA program is audit ready, you also need to ensure that you know all of your business associates and have their information readily available to provide to the OCR. Your entity needs to be ready now, as the OCR will either conduct focused desk audits, on-site audits or both in effort to review documentation of evidence of your compliance with the HIPAA regulation. Areas Covered in the Session: Office of Civil Rights "OCR" requests for privacy official and additional information and timeline for response Internal assessment criteria of privacy program in anticipation of an OCR audit Conducting the assessment using the template based upon HIPAA regulations Discuss methods to address any found deficiencies Workforce training Who Will Benefit: Healthcare providers Compliance and Internal Audit professionals or office staff responsible for ensuring patient privacy Healthcare Administrators Business Associates and all HIPAA Covered Entities Speaker Profile Gail Madison Brown is a registered nurse and an attorney with over 25 years of experience in health care. For the last 15 years she has focused on health care compliance and revenue cycle management operations. Gail's experience ranges

Overview: This webinar is designed for medical practice leaders to gain a working knowledge of the Value-Based Modifier program and how your cost and quality metrics will be used to determine your Medicare payments in future years. Why should you Attend: Your future Medicare payments are at risk. 2018 payment rates may be cut up to 6% if you fail to report quality measures to CMS for the 2016 calendar year. Your practice can also see cuts of 1-4% if you are an outlier on costs or quality. On the other hand, practices that show they are significantly better than average on costs and/or quality can receive an increase over the standard Medicare payment rates. You'll want to understand how this program works, what the potential impact for your practice is, and what steps you need to take now to ensure success in 2018. Areas Covered in the Session: What types of medical practices are impacted by the VBM program and how much is at risk for practices of different sizes. What cost and quality metrics are used and how are they combined to yield your practice's future payments What are the timelines for submitting data and reviewing your status What actions you can take now to ensure the highest possible Medicare payments in future years Who Will Benefit: Practice Administrators Physicians, Podiatrists, Physician Assistants, Nurse Practitioners, CRNAs Quality Officers Nurse leaders Finance Directors Speaker Profile Jeanne J. Chamberlin Jeanne Chamberlin is currently a Practice Management Consultant with MSOC Health. During her 30 years in the healthcare industry, Jeanne has worked in independent medical practices, health systems, state government, and software development. She holds a Masters Degree in Public Policy from Duke University and is a fellow in the American College of Medical Practice Executives. She has been a leader in both state and local MGMA chapters. As practice administrator of a 10-physician multi-specialty practice, Jeanne first began

Overview: In 2013, The US Department of Health and Human Services made major changes to rules implementing The Health Insurance and Portability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act of 2003 (HITECH). Among the many areas impacted by these rules (billing, marketing, research, IT security, etc.) is fund raising. The amendments significantly modify the methods and practice that hospitals, their institutionally related foundations, and other healthcare charities may or must employ when using ANY patient or client information for fund raising. The webinar will cover how to effectively implement the fund raising regulations in a manner that increases both opportunities for philanthropic support and compliant implementation of the new mandates. The rules include specific operational requirements, some of which prohibit protocols that were required under the original HIPAA regulations. The "magic words" mandated by HIPPA-related regulations changed in multiple areas. The webinar will cover all of these areas to ensure your organization is both legally compliant and operationally effective. The types of information that may be used for fund raising changed significantly. This presents numerous substantial fund raising opportunities, as well as challenges on the use and storage of such information. Among other areas to be presented are The required method for individuals to opt-out of receiving fund raising communication The methods of informing patients and clients of their right to opt-out from receiving fund raising communication The broadly expanded types of fund raising communication subject to opt-out rights How providers, hospital, and related fund raising foundation apply an opt-out election by an individual The type of patient and client information that health charities may use for fund raising The contents of provider's Notice of Privacy Practice How clinicians can assist both their patients/clients and the

Overview: This webinar is designed for medical practice leaders to gain a working knowledge of the Value-Based Modifier program and how your cost and quality metrics will be used to determine your Medicare payments in future years. Why should you Attend: Your future Medicare payments are at risk. 2018 payment rates may be cut up to 6% if you fail to report quality measures to CMS for the 2016 calendar year. Your practice can also see cuts of 1-4% if you are an outlier on costs or quality. On the other hand, practices that show they are significantly better than average on costs and/or quality can receive an increase over the standard Medicare payment rates. You'll want to understand how this program works, what the potential impact for your practice is, and what steps you need to take now to ensure success in 2018. Areas Covered in the Session: What types of medical practices are impacted by the VBM program and how much is at risk for practices of different sizes. What cost and quality metrics are used and how are they combined to yield your practice's future payments What are the timelines for submitting data and reviewing your status What actions you can take now to ensure the highest possible Medicare payments in future years Who Will Benefit: Practice Administrators Physicians, Podiatrists, Physician Assistants, Nurse Practitioners, CRNAs Quality Officers Nurse leaders Finance Directors Speaker Profile Jeanne J. Chamberlin Jeanne Chamberlin is currently a Practice Management Consultant with MSOC Health. During her 30 years in the healthcare industry, Jeanne has worked in independent medical practices, health systems, state government, and software development. She holds a Masters Degree in Public Policy from Duke University and is a fellow in the American College of Medical Practice Executives. She has been a leader in both state and local MGMA chapters. As practice administrator of a 10-physician multi-specialty practice, Jeanne first began working wi

Your vision is likely to be one of your most valuable senses, you want to consider your visit to the eye doctor as important an opportunity to review your health status as your regular checkup with your physician.

Seminar on Analytical Instrument Qualification and Validation: Understanding to Prepare for FDA Audits to become Part 11 Compliant at Boston, MA Course "Analytical Instrument Qualification and Validation: Understanding to Prepare for FDA Audits to become Part 11 Compliant" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: In this two day workshop conference you will learn the different global agencies expectations of analytical equipment qualification along with the development of a sound process validation program in order to develop and implement bulletproof solutions that are accepted, effective, and efficient. Through case study analysis we will examine best practices to provide thoughts and ideas to develop or improve the performance of your current system. Additionally, case studies will explore how your management practices of your analytical equipment qualification/ validation and process validation programs can help or hurt your legal liability and the legal issues that arise from nonconformance with regulators and Auditors. This seminar will help attendees understand the instrument qualification and system validation processes and will provide instruction on how to prepare for FDA audits and how to become part 11 compliant. Why should you attend? The cost of non-compliance is therefore more than that of compliance. Are you in compliance with the FDA regulations for analytical equipment qualification and validation in your facility? Areas Covered in the Session: * Learn about the regulatory background and requirements for laboratory instrument qualification and system validation * Understand the logic and principles of instrument qualification and system validation from validation planning reporting * Understand and be able to explain your company's qualification and validation strategies * Be able to independently prepare execute test protocols, this includes s

Overview: This webinar provides an overview of the MACRA legislation and developing regulations and guidelines. We'll help you understand how medical practices will be paid in the future for services to Medicare patients. You'll be asked to choose between two paths. If you choose to participate with other providers in an Advanced Payment Model, the larger organization will be paid for services provided and determine how to share those payments as well as any cost savings among the participants. If you choose the Merit-Based Incentive Payment System (MIPS), your payment rate will vary based on how you perform on a variety of Medicare Quality Programs - PQRS, VBM, Meaningful Use and a 4th new component focused on Quality Improvement. You'll want to know as much as possible about the pros and cons of each option and how to make the right choice for your practice. Why should you Attend: Under the MACRA legislation, your providers will need to choose between participating in an Advanced Payment Model (APM) or participating in the new Merit-Based Incentive Payment System. Making the wrong choice can result in significant reductions in your future Medicare payments. You'll want to understand the options and have a plan in place by January 1, 2017 - that's only 6 months away. Areas Covered in the Session: Learn the requirements of the new MACRA legislation and how it will impact your Medicare payments in 2019 and beyond Find out what you need to be doing now to ensure you don't lose Medicare revenue in future years Understand the options - APM vs MIPS - and how your Medicare payments can increase or decrease under each model Identify what aspects of the new payment methodology are written into the legislation, what has been released through proposed regulations and when final rules are expected. Who Will Benefit: Practice Administrators, CEOs, COOs Physicians and all providers who bill to Medicare Quality Officers Nurse leaders Finance Directors Speaker Pro

Course "Key Factors to Write an Effective Standard Operating Procedure (SOP) and Work Instructions (WIs)" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Writing SOPs or procedural documents can be challenging at times. However, writing SOPs is overall a straightforward process. However, enforcing what you already created and implemented in the pipeline is another story. The term SOP is very obvious. We have seen "clearly written description of how specific tasks are to be done." Another satisfactory definition would be "detailed written instructions that achieve the uniformity of the performance of a specific function." Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? If you are medical device or a pharmaceutical manufacturer, these definitions come as no surprise because when it comes to FDA regulations and guidance documents "establish" means to define, to document (in writing or electronically) and to implement. The goal and emphasis with FDA is simple. Proof of "Establish" is the foundation. Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? Are the procedures being followed and enforced by company personnel? SOPs are needed in regulated industries to give step-by-step instructions for performing a particular job or task. This session will provide a step-by-step overview and a snapshot of the procedure description, the process and format. The subject matter of a SOP may range from how to operate a piece of machinery to how to log into a particular software program. SOPs ensure consistency and reliability because they require training of all affected parties. This session will address recent enforcement actions for SOP related violations but no surprise. Most of our enforcement actions are documentation related, i.e., SOP or other procedural documents. We will review examples from

Overview: This webinar will cover the changes to the PQRS program in 2016 and will provide tips and strategies to help you select the best measures and reporting approach for your practice. Why should you Attend: Your future Medicare payments are at risk. Failing to report quality measures to CMS for Calendar Year 2016 will result in a reduction of up to 6% in your 2018 Medicare payments. The PQRS program carries a potential 2% penalty for each provider who does not report quality measures to CMS - physicians, mid-level providers, therapists, psychologists, social workers, even dieticians. In addition, if your practice has physicians and mid-levels, at least half the physicians must meet the PQRS requirements or the group will face an additional 2-4% penalty from the Value Based Modifier program. Areas Covered in the Session: Understand the difference between a reporting rate and a performance rate? Get access to useful tools to help you identify measures applicable to your specialty. Learn how to choose among the various reporting approaches - what are the pros and cons of each. Understand how CMS will evaluate your submission if you report less than 9 measures. Who Will Benefit: Practice Administrators All providers who bill to Medicare including Physicians (All specialties), Podiatrists, Physician Assistants, Nurse Practitioners, Psychologists, LCSW, Physical and Occupational Therapists, Speech/Language Pathologists, etc. Quality Officers Nurse leaders Finance Directors Speaker Profile Jeanne J. Chamberlin Jeanne Chamberlin is currently a Practice Management Consultant with MSOC Health. During her 30 years in the healthcare industry, Jeanne has worked in independent medical practices, health systems, state government, and software development. She holds a Masters Degree in Public Policy from Duke University and is a fellow in the American College of Medical Practice Executives. She has been a leader in both state and local MGMA chapters. As practice ad

Many people suffer from allergies. In fact, there are millions of people who suffer from allergic reactions to a variety of substances and foods on a daily basis. For instance, , according to the study, "A cross-sectional study of the prevalence of food allergies among children younger than ages 14 years in a Beijing urban region", published in the journal Allergy & Asthma Proceedings, in January 2019, the total prevalence of probable food allergies in children aged less than 14 years of age in the Beijing urban area was 3.2%. Unfortunately, not everyone who suffers from allergies is aware of their condition or the treatments available to them. For this reason, it is important to seek proper allergy diagnostic and treatment as soon as possible in order to prevent the conditions that can lead to further complications if left untreated. To accurately assess whether or not you have a food allergy, your physician will likely: * Ask you a series of questions designed to determine your sensitivities * Perform a full physical exam * Have you maintained a detailed diary of previous symptoms and potential triggers * Have blood tests performed * Have skin tests performed * You might even be required to take a blood test for confirmation Once you know you do have allergies, your medical professional will then be able to correctly diagnose them. If your symptoms are consistent with food allergies, doctors will most likely recommend an avoidance diet in order to prevent further food allergies or other reactions. They may also prescribe daily pills to control your symptoms or provide an antihistamine to help reduce your histamine production. Read more @ https://coherentmarketinsights-cmi.blogspot.com/2021/02/high-prevalence-of-food-allergies-among.html

Overview: The webinar will concentrate on topics that HHS has announced will be the focus of the first round of "desk audits". They reflect significant areas of non-compliance revealed in the 2012 pilot audits and HHS HIPAA violation investigations concluded by Resolution Agreements and Corrective Action Plans. They include: HIPAA Risk Analysis Risk Management based on Risk Analysis Breach Notification Notice of Privacy Practices (for Covered Entities) Minimum Necessary Standard Access of Individuals to their PHI Authorizations Workforce Training This webinar is vital because, in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA Compliance documentation ready to submit on two weeks notice to HHS you are implementing an effective HIPAA Compliance program. In addition, every Covered Entity or Business Associate may face an HHS HIPAA Compliance investigation at any time due to a complaint or a Breach. If you are "audit ready" you will be ready for an investigation - and better able to avoid complaints and prevent breaches. Why should you attend: Every Covered Entity and Business Associate is liable - without prior notice - to be audited for HIPAA Compliance by HHS You will have only 2 weeks after receiving your HIPAA Compliance Audit notification and data request to upload all requested documents to an HHS HIPAA Compliance Audit Portal The HIPAA Compliance Audit data request you receive will specify content and file organization, file names and any other document submission requirements Auditors will not contact an audited entity for clarifications or ask for additional information - it is essential that submitted documents are current, accurately reflect the entity's HIPAA Compliance program and demonstrate HIPAA Compliance Only data submitted on time will be assessed Failure to respond on time may be referred to the HHS regional

Overview: Remember spaghetti code? The HIPAA breach area is now almost as convoluted and overlapping and confusing as spaghetti code. Sometimes you think you are both coming and going at the same time when you think through an event to determine if your organization has had a breach. For example: Is a security incident always a beach? Is an ePHI breach a security incident as well? Is a cybersecurity event always a breach? What if it does not steal any clinical information, diagnoses or procedures information, or any payment information? A security incident? Or both? Are all the necessary kinds of notice in the Breach rule? What is Cybersecurity Insurance? Is it really the finger in the dike or itself full of Swiss cheese? Can the loss of patient or member data be a HIPAA breach and identity theft plus a fraud issue? Why should you Attend: HIPAA breaches now number in the multiple thousands, if not multiple millions. Your organization needs to be prepared for the initial sense of panic, a complete investigation, and the federal, state and reputational costs of a mega breach. A breach now costs in money approximately $225/record. And this does not include any fine of any type. The loss and theft of 1000 records may cost you organization from a quarter to $1 M, or more, and 6 months to a year to resolve. You need to know the basics of what PHI and ePHI really are; what puts the event into the breach safe harbor, what breach exceptions keeps the event out of OCR's hands, what the 4 factors are and how they are used. You need to know that your organization's breach plan and your policies and procedures include the need to notify when necessary the police, the FBI and other state and federal organizations beyond the Office for Civil Rights. Your organization needs to know how to protect itself after the fact by considering Cybersecurity Insurance. Areas Covered in the Session: Definition and reporting of a Security Incident Definition of a breach Breach Guidance Br