Group items tagged

Overview: In this session we will discuss the HIPAA audit and enforcement programs and how they work, and discuss the areas that caused the most issues in prior audits. We will explore what kind of issues and what kind of entities had the most problems, and show where entities need to improve their compliance the most. We will also explore the typical risk issues that lead to breaches of health information and see how those issues may be a target for auditors in the new 2016 audits. We will review the contents of the HIPAA Audit Protocol used in 2012 to show what documentation needs to be on hand should your organization be selected for an audit in the new round. We will present methods for using the contents of the HIPAA Audit Protocol to build your own compliance plan by extracting and updating the contents and relating your compliance activities directly to the questions that might be asked. In this session we will discuss the HIPAA audit and enforcement regulations and processes, and how they apply to HIPAA covered entities and business associates. We will explain the enforcement regulations and the new, increased fines and new penalty levels, including new penalties for willful neglect of compliance that begin at $10,000. We will discuss what information and documentation must be prepared in advance so that you can be ready for an audit at any time, including sample information request forms and questions asked at prior audits. The session will also cover how to know if you may become the subject of an audit or enforcement action, and what you can do to help limit your exposure. We will discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement activity. The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to them) and how they will be audited will be explained. Documentation requirements for compliance will be explored and a framework of security policies necessary

Overview: New changes modifying the HIPAA Privacy and Security Regulations are going into place to meet the privacy and security mandates within the HITECH Act in the American Recovery and Reinvestment Act of 2009. The changes include establishing new rights for individuals as well as changes to the limitations on uses and disclosures. New requirements for patient access to records and requirements to notify individuals in the event of a breach are only two of the many areas affected in the new law, including new requirements for restriction and accounting of disclosures and increased enforcement activity. Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates and their subcontractors will need to establish compliance programs. And if you are required to have a HIPAA Notice of Privacy Practices, you will need to update that to show all the new rights that patients will have, such as electronic copies, new rights to restrict disclosures, and much more. Business associates are now directly covered by the HIPAA privacy and security regulations and are liable for fines and penalties if they do not comply. If a business associate supplies services that interact with the new changes to the rules, the BA will need to be aware of the new requirements. We will explain what a Business Associate needs to do differently under the new regulations. Electronic records have new demands placed on them, in both providing access and in accounting for all disclosures of health information - the electronic age in health care brings new obligations to serve individuals as well as manage health information for healthcare professionals. We will discuss how disclosures must be tracked in an EHR and review the various ways patient records can be supplied electronically. The new regulations will be reviewed and their effects on usual practices will be discussed, as will what policies need to be chang

Incidental disclosures form the crux of HIPAA compliance and patient care. HIPAA has elaborate rules on how to maintain these and in what situations. Health Insurance Portability and Accountability Act (HIPAA), a landmark set of federal regulations, is aimed at protecting patient privacy regulations. Yet, it is understood that some information has to necessarily be shared. HIPAA compliance and patient care is centered on the inevitable disclosures that have to be made, or what are called incidental disclosures. Initially, there was some ambiguity about incidental disclosures, resulting in some kind of haziness about HIPAA compliance and patient care. With these cleared, much of HIPAA compliance and patient care hinges on this principle. Incidental disclosures determine patient care compliance with HIPAA Incidental disclosures are what are termed secondary use, i.e., it is the unavoidable or inevitable disclosure of Protected Health Information. It is understood that incidental disclosures, being a byproduct of the course or nature of the treatment; are inescapable, given the condition and situation of the patient. Guiding factors for HIPAA compliance with patient care The aim of HIPAA's Privacy Rule is to ensure that healthcare providers have to use professional judgment guided by ethical guidelines at the time of making incidental disclosures. The following bases were propounded for adherence with HIPAA compliance and patient care: Whenever there is an unavoidable breach in confidentiality, the breach should be proportionate to the potential benefit the patient's gets from care When a patient is not present in the healthcare setting or is incapacitated, information about the patient can be shared with the family, friends or whoever else is involved in the patient's care. This protocol need not be documented. In relation to the above, a requirement of HIPAA compliance for patient care is that when the patient has a condition that is not related to the present tr

Overview: Final regulations for the new HIPAA Breach Notification Rule require much more than notifying individuals affected by a Breach of their Protected Health Information (PHI). Covered Entities and Business Associates first must follow and document a very specific process to determine if a Breach occurred. If no Breach occurred documentary proof must be kept for six years. If a Breach did occur timely notifications and other actions must be undertaken and documented. This webinar will explain: What Covered Entities and Business Associates must do to comply with the Breach Notification Rule What is and is not a Breach Three exceptions - when an acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is not a Breach How to perform a Breach Risk Assessment to determine if you can demonstrate a a low probability that the PHI was compromised Who must be notified in case of a Breach When notifications must be provided What information must be contained in each notification Other requirements in case of a Breach Investigate Mitigate harm to affected individuals Protect against further Breaches Document everything Planning and preparation for the worst - public relations and mitigation strategies to limit damage to the organization's reputation and financial well-being Why should you attend: Breaches and incidents that might be Breaches happen all the time! More than 173,000 separate breaches of Protected Health Information (PHI) affecting less than 500 individuals were reported to the U. S. Department of Health and Human Services (HHS) between September, 2009 and May 31, 2015 and in the same period HHS received approximately 1240 reports of PHI breaches that affected 500 or more individuals An acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is presumed to be a Breach unless it falls within an exception or the Covered Entity or Business Associate can demonstrate a low probability that the PHI was compromi

Overview: The connection between the Body, its physiology and particularly biochemistry, have been linked to the mind with particular emphasis upon emotions and stress. This can be easily substantiated in common everyday situations. Anyone who has observed a facial red flush triggered by some sort of embarrassment can attest to the foregoing connection. The emotions and stress play a key role in many if not all diseases and disorders: due to the vastness of the subject, we will focus on the application of the mind/body connection(MBC) to skin. This serves as an introduction to the field of psych dermatology which, although still in its infancy in the USA, is expanding as evidence with regard to the psychological component related to the etiology of skin diseases continues to grow. Concurrently, the field of Alternative techniques IN mind/body treatments continue to grow in leaps and bounds providing effective methods for integration with conventional cosmetic and dermaceutical treatment. This provides a dual complimentary pathway both for prevention and treatment of any/most skin disorders. Expanding on this model, we have already shown how the mind influences the body as per the above example. This general proposition can be extended to include specific skin disorders such as acne rosacea psoriasis eczema and atopic dermatitis to name a few. We will concentrate on Acne for the sake of this discussion. First, focusing on the B component of the BMC model, the primary lesion associated with acne is the formation microcomodones, which are small enough to proceed undetected until larger comodones appear later in the cycle. The latter cycle is initiated by peroxidation of squalene and unsaturated fatty acids present in human sebum. This leads to the foregoing lesions and pro- inflammatory mediators such as cytokines and interleukins followed by an increase of p.acnes on the epithelial cell wall together with increased film formation of the p.acnes is the same area This

Healthcare Rehabilitation is a vast field: The field of healthcare rehabilitation is very vast and expansive. In traditional societies, most commonly relatable to the Orient and Africa, there is the ages-old cultural belief that it is the duty of children to take care of their parents when they age. On the contrary, for us in the west, healthcare rehabilitation has emerged as a specialized branch of healthcare because of the emphasis our society places on independence of the individual. Healthcare rehabilitation is a product of social mores: Younger generations of people are not expected to spend entire years, as may be the case in some families, to look after people of their previous generations who may be in need of medical care. It is on this outlook towards life of our society that healthcare rehabilitation has come into being. However, it is also possible that younger people could also be in need of healthcare rehabilitation. Even such people are put in the care of healthcare providers which offer these services. The divisions of healthcare rehabilitation: Branching out as a fully developed field of healthcare, healthcare rehabilitation has many specializations. These are broadly the areas in which healthcare rehabilitation is offered: General rehabilitation: General rehabilitation of some or another kind is a primary aspect of healthcare rehabilitation. Those in need of this kind of care typically include patients who have lost their ability to carry out day-to-day tasks such as talking, walking, brushing, eating, etc. many a time, depending on the nature of the ailment, rehabilitation could include therapies, exercises and other activities aimed at bringing in some element of mobility in the patient. This kind of healthcare rehabilitation could also include taking care to revive the patient's memory, when patients with diseases like Alzheimer's or Parkinson's are admitted for healthcare rehabilitation. Skilled nursing: An area in which a skilled and

Course "Texting and E-mail with Patients: Patient Requests and Complying with HIPAA " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent u

Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent understanding of not only the rules, but also how to think about compliance and make sound compliance decisions on a day-to-day basis in the context of mobile devices. Agenda Day One Day one sets the stage with an ov

Overview: The webinar will concentrate on topics that HHS has announced will be the focus of the first round of "desk audits". They reflect significant areas of non-compliance revealed in the 2012 pilot audits and HHS HIPAA violation investigations concluded by Resolution Agreements and Corrective Action Plans. They include: HIPAA Risk Analysis Risk Management based on Risk Analysis Breach Notification Notice of Privacy Practices (for Covered Entities) Minimum Necessary Standard Access of Individuals to their PHI Authorizations Workforce Training This webinar is vital because, in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA Compliance documentation ready to submit on two weeks notice to HHS you are implementing an effective HIPAA Compliance program. In addition, every Covered Entity or Business Associate may face an HHS HIPAA Compliance investigation at any time due to a complaint or a Breach. If you are "audit ready" you will be ready for an investigation - and better able to avoid complaints and prevent breaches. Why should you attend: Every Covered Entity and Business Associate is liable - without prior notice - to be audited for HIPAA Compliance by HHS You will have only 2 weeks after receiving your HIPAA Compliance Audit notification and data request to upload all requested documents to an HHS HIPAA Compliance Audit Portal The HIPAA Compliance Audit data request you receive will specify content and file organization, file names and any other document submission requirements Auditors will not contact an audited entity for clarifications or ask for additional information - it is essential that submitted documents are current, accurately reflect the entity's HIPAA Compliance program and demonstrate HIPAA Compliance Only data submitted on time will be assessed Failure to respond on time may be referred to the HHS regional

Implementation of Regulatory Aspects of Clinical Research is critical One of the prime areas of clinical studies is regulatory aspects of clinical research. This applies in almost equal measure to medical research as a whole. The FDA and other regulatory bodies have spelt out a number of regulations that have to be complied with if the clinical research is to be approved. These regulatory requirements cover all aspects of clinical research. A look at some of these regulatory aspects would be instructive: FDA requirements on regulatory aspects of clinical research The FDA has an exhaustive list of regulations relating to Good Clinical Practice (GCP), the area which forms the backbone of regulatory aspects of clinical research. The FDA has a series of regulations that are aimed at bringing in discipline and process into clinical research. It implements all the laws relating to GCP passed by the American Congress. At present, there are a huge number of regulatory standards and requirements that have to be complied with by those undertaking clinical research in the US. These regulations are codified in the 21 CFR series. Notable sections of the 21 CFR series relating to regulatory aspects of clinical research include: 21 CFR Part 11 21 CFR Part 16 21 CFR Part 50 21 CFR Parts 50 and 56 21 CFR Part 54 21 CFR Part 58 21 CFR Part 312 21 CFR 312.120 21 CFR Part 314 21 CFR Part 320 21 CFR Part 511 21 CFR Part 514 21 CFR Part 601 21 CFR Part 812 21 CFR Part 814 EU requirements on regulatory aspects of clinical research In the EU, the core aspect of regulatory aspects of clinical research relates to the primary importance given to the subjects in a clinical research. For example, regulatory aspects of clinical research France are guided by the Public Health Code and Civil Code. This Code contains a list of regulatory conditions clinicians are obliged to adhere to. These regulations are to be monitored by a number of regulation enforcement bodies that the French governm

Rationale for Clinical Trial Regulations Clinical trials, as we all know, are carried out to test the efficacy of a new drug or device being developed for a specific condition or disease. Clinical trials are experiments that have a high degree of risk if they are not properly implemented. For this reason, it is necessary for regulatory bodies to regulate clinical trials. The core rationale for regulating the various stages of clinical trials is that human subjects, who are part of the research, have to be protected. These clinical trial regulations are legislated at all stages: local, State, national and international. Clinical trial regulations are in force in different countries of the world. Common clinical trial regulations are also made globally by the International Conference on Harmonization (ICH), which has the mandate of setting out good practices for clinical trial regulations for trials done in global cooperation. These regulations cover the administrative, procedural and ethical aspects of clinical trials. Briefly, these are the areas in which there are clinical trial regulations for each of these aspects of clinical trials: Administrative: The administrative aspects of clinical trial regulations pertain to the way the clinical trials are run, and the way they are tracked and monitored throughout their lifecycle. A clinical trial is usually monitored by a sponsoring company or a Contract Research Organization (CRO), which the former hires at times for reasons of convenience and cost cutting. Clinical trial regulations in this area is obviously of importance because if something goes wrong at any administrative stage; these can be rectified. Procedural: Procedural aspects of clinical trial regulations relate to ways by which subjects are chosen for a clinical trial. Proper care has to be taken to ensure that the subjects are appropriate for the clinical study, are from the prescribed age, geographical, demographic, racial and gender-related cl

Overview: This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Updates for 2016 BYOD Portable devices B

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analys

Overview: One of the major requirements of the health care organization to be HIPAA compliant is to develop and implement a set of HIPAA privacy and security policies and procedures. This can be a daunting task for those not knowing where to start and what a set of HIPAA privacy and security policies and procedures should look like. For the cost conscious health care organization, the HIPAA policies and procedures can have multiple uses: first, they can become a basis for training the health care organization workforce; second, they can be used as a basis for conducting a HIPAA self-assessment; and third, they can be used to demonstrate due diligence should there be a breach or an externalHIPAA compliance audit. In today's world it is not necessary that the health care organization spend significant funds to develop a set of HIPAA privacy and security policies and procedures from scratch. The health care organization can likely find templates on the internet that can be used as a starting point to customize HIPAA policies and procedures to be unique for the health care organization. The preparation of a well-documented set of HIPAA policies and procedures needs to be addressed through the development of Privacy and Security policies and procedures that address each of the requirements shown in the HIPAA regulations as amended by the HITECH law and the final Omnibus Regulations. The process of developing the HIPAA privacy and security policies and procedures also provides a reference for the health care organization how to consider the security addressable and required regulation requirements. Why should you attend: There are three situations where having a set of HIPAA policies and procedures are needed: First, the policies and procedures become a good reference to ensure that all areas are addressed for becoming HIPAA compliant. Second, the HIPAA regulations REQUIRE covered entities and business associates to have a set of policies and procedures directing

Course "Effective and Efficient Internal and Supplier Quality System Auditing for Medical Devices" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Do you want to understand how to do efficient and effective internal and supplier audits that meet all the requirements of your external auditors, but also add value to your company? Are you confused by all the requirements and guidance documents for medical device quality management systems and are tired of wading through all the regulatory language they contain. This course is for those who will do internal or supplier audits, manage an audit process for these or other company audits. This course will provide you with an easy to understand presentation on the auditing process as well as the requirements you will need to audit under ISO 13485 and the FDA Quality System Regulation (cGMP) Both FDA Quality System Regulation (QSR) and ISO 13485 require that companies do internal audits. However, because the FDA does not look at the content of internal audits, some companies do not get feedback on the true effectiveness of their internal audit system from the FDA during FDA Inspections. ISO 13485 auditors do look at internal audits, but are most concerned that you define a process that meets the requirements of the standard and are following your process. Both require that you define Auditor training is required, but this sometimes just requires reading the company's procedure, although most external auditors will look for more than this. Do you need to train new auditors for yours medical device quality management system or to audit your suppliers? Or do you need to improve the training of your internal and supplier auditors so that they add value to these audits? If you need to do either of these, this seminar will provide this training. In addition to auditing skills and hands-on auditing exercises, this seminar will provide an ove

Practical steps to compliance with HIPAA Computer Policy: That the HIPAA has a clear and stringent policy on computers is absolutely understandable, because computers constitute the very soul of HIPAA. Ensuring security of patient data is one of the core causes for which HIPAA was enacted; so, it is only natural that Computer Policy should be at the center of HIPAA compliance. A HIPAA Computer Policy rule came into effect in 2005. The nub of this enactment is to ensure that there are technical, physical and administrative security procedures that must be adhered with. These are meant for Covered Entities to ensure that the data they have of patients, namely electronic Protected Health Information (PHI) is safe and secure. Understand the reason for HIPAA Computer Policy Any implementation has to start with an understanding of the rationale for the action, right? The same goes for something as important and big as implementation of HIPAA compliance into systems. HIPAA Computer Policy is in place for a specific and critical reason ���protection of patient data, loss of which can lead to hefty penalties that can affect the business very adversely. So, installing the necessary protections is the first step to protecting vital data and with it, one's own business or practice, as well. Implement a sound access policy A strong access policy is at the heart of HIPAA Computer Policy. It is in the computer systems that all the data relating to the patient are stored. So, making sure who in the organization has access to these and how and when, is very important. Not only should access be restricted to only designated and permitted personnel in the organization; there should be a system by which tracking of access is easily determined. This is to find out who accessed which record, when, what action followed, what happened as a result of this access, and so on. Keep a record of all system components This is another step to ensuring compliance with HIPAA Computer Po

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analy

Overview: Upon completing this course participants will leave with a preliminary preventive control implementation plan and will: * Understand US FDA final rules for the Preventive Controls for Human and Animal Foods * Define and review your current system to identify gaps in your preventive controls planning. * Be able to develop and implement a valid preventive control company food safety plan to close any gaps * Write and implement appropriate procedures. * Know your requirements for control over your supply chain * Be able to plan and implement HARPC * Be able to perform environmental monitoring * Know how cross contamination can impact your preventive control plan * Know the difference between validation and verification * Understand and be able to use statistical process controls basics * Be able to plan and implement a team approach to preventive controls * Be able to help your food importers to jump through FDA hoops * Develop a system to risk rank your suppliers * Have a plan in hand that will pass any validation check for preventive controls * Understand some of the technology and costs that can help you establish preventive controls * Prove that your system actually prevents food safety problems * Be able to document and report results to upper management, external food safety auditors and FDA auditors * Save your company money Establish simple, low cost complete data collection and reporting systems. * Establish teambuilding between food safety and quality personnel to develop and implement changes to your current system * Understand food safety, security and recall responsibilities in light of cargo theft, adulteration and temperature failures * Learn how to use your system to get some ROI and improve your marketing position * Review current and future technologies designed to improve and simplify data collection * Establish a completely documented system Why should you attend: Validation of preventive co

Overview: This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Updates for 2016 BYOD Portable devices B

Hospital Management : The growth and development of hospitals has led to an altogether specialized discipline -hospital management. Hospital management is about coordinating the various functions of a hospital and ensuring optimal healthcare to patients and other stakeholders. Hospital Management has come a long way from being a supplementary duty that senior doctors handled with ease, to being a full-fledged specialization in itself. Hospital management is an altogether fully developed specialist profession whose managers are well qualified. Many institutions today offer courses on hospital management. The relationship of hospital management to the area of management rather than to the medical field can be understood from the fact that many hospital managers are from a purely management background, and have little knowledge of medical science. Many hospital management institutions offer an MBA. They also offer courses on specialized subunits of hospital management, such as hospital financial management, healthcare system management, hospital human resources management, etc. This is because hospitals have evolved over time. They are now ultra-specialist healthcare providers that use the latest technologies. A hospital could use anything from billing software to highly sophisticated technology used in its medical devices. A hospital management specialist needs to be not only aware of these uses; she also needs to be/have all these: A good administrator who handles staff; A deep knowledge of the information systems; A good grip on all the systems that need to be coordinated thoroughly if the hospital needs to function smoothly without any hassles; Dealing with facilities for patients. Hospital Management can thus be understood as being the facilitator between a healthcare setting and those who need these services. It is about ensuring that all the administrative elements of a healthcare setting function in unison to ensure provision of accountable healthcare.