Group items tagged

Overview: Learn how to improve your healthcare compliance program by using requirements found in corporate integrity agreements (CIAs) issued by the OIG. By proactively incorporating various features of CIAs, healthcare providers of all types can be better assured of meeting compliance standards. While there are many different types of healthcare compliance issues, probably the area of most concern is that of properly filing claims and receiving appropriate reimbursement. The OIG has issued various types of guidance including Federal Register entries, fraud alerts, and issues as listed in the OIG Work Plans. By providing such guidance, the OIG has given healthcare providers notice so that there can be no defense of not knowing about an issue. By organizing your compliance program to detect and then correcting various types of issues is a major objective of having a compliance program. Understanding systematic processes for improving your healthcare compliance program using CIA requirements can forestall possible criminal and civil monetary penalties. The hundreds of CIAs that have been developed when the OIG detects fraudulent activities can be used as a guide for developing and improving healthcare compliance programs for all types of healthcare providers. The process of statistical extrapolation is used by the OIG when conducting studies in order to determine recoupment amounts. Statistical extrapolation can also be used by healthcare providers when determining possible overpayments. However, the proper use of statistical extrapolation is a formal and complex mathematical process that must be properly applied. The OIG CIAs provide another resource for healthcare providers to study, understand, and then apply as appropriate. Why should you Attend: What are the OIG Corporate Integrity Agreements (CIAs)? Why does the OIG issue CIAs? Can I use general requirements from CIA to avoid monetary penalties or even avoid going to jail? Can any healthcare provider use

Overview: The webinar will concentrate on topics that HHS has announced will be the focus of the first round of "desk audits". They reflect significant areas of non-compliance revealed in the 2012 pilot audits and HHS HIPAA violation investigations concluded by Resolution Agreements and Corrective Action Plans. They include: HIPAA Risk Analysis Risk Management based on Risk Analysis Breach Notification Notice of Privacy Practices (for Covered Entities) Minimum Necessary Standard Access of Individuals to their PHI Authorizations Workforce Training This webinar is vital because, in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA Compliance documentation ready to submit on two weeks notice to HHS you are implementing an effective HIPAA Compliance program. In addition, every Covered Entity or Business Associate may face an HHS HIPAA Compliance investigation at any time due to a complaint or a Breach. If you are "audit ready" you will be ready for an investigation - and better able to avoid complaints and prevent breaches. Why should you attend: Every Covered Entity and Business Associate is liable - without prior notice - to be audited for HIPAA Compliance by HHS You will have only 2 weeks after receiving your HIPAA Compliance Audit notification and data request to upload all requested documents to an HHS HIPAA Compliance Audit Portal The HIPAA Compliance Audit data request you receive will specify content and file organization, file names and any other document submission requirements Auditors will not contact an audited entity for clarifications or ask for additional information - it is essential that submitted documents are current, accurately reflect the entity's HIPAA Compliance program and demonstrate HIPAA Compliance Only data submitted on time will be assessed Failure to respond on time may be referred to the HHS regional

Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent understanding of not only the rules, but also how to think about compliance and make sound compliance decisions on a day-to-day basis in the context of mobile devices. Agenda Day One Day one sets the stage with an ov

Course "HIPAA - Putting an Organizational Compliance Program in Place" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive 2 day training course. Why you should attend With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session * Why was HIPAA created? * What is HITECH and the Omnibus Rule? * Who Must Comply with HIPAA Requirements? * What are the HIPAA Security and Privacy Rules? * What is a HIPAA Compliance Program? * What is a HIPAA Risk Management Plan? * What is meant by

Course "Texting and E-mail with Patients: Patient Requests and Complying with HIPAA " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent u

Course "HIPAA - Putting an Organizational Compliance Program in Place" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive 2 day training course. Why you should attend: With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: · Why was HIPAA created? · What is HITECH and the Omnibus Rule? · Who Must Comply with HIPAA Requirements? · What are the HIPAA Security and Privacy Rules? · What i

Overview: In this session we will discuss the HIPAA audit and enforcement programs and how they work, and discuss the areas that caused the most issues in prior audits. We will explore what kind of issues and what kind of entities had the most problems, and show where entities need to improve their compliance the most. We will also explore the typical risk issues that lead to breaches of health information and see how those issues may be a target for auditors in the new 2016 audits. We will review the contents of the HIPAA Audit Protocol used in 2012 to show what documentation needs to be on hand should your organization be selected for an audit in the new round. We will present methods for using the contents of the HIPAA Audit Protocol to build your own compliance plan by extracting and updating the contents and relating your compliance activities directly to the questions that might be asked. In this session we will discuss the HIPAA audit and enforcement regulations and processes, and how they apply to HIPAA covered entities and business associates. We will explain the enforcement regulations and the new, increased fines and new penalty levels, including new penalties for willful neglect of compliance that begin at $10,000. We will discuss what information and documentation must be prepared in advance so that you can be ready for an audit at any time, including sample information request forms and questions asked at prior audits. The session will also cover how to know if you may become the subject of an audit or enforcement action, and what you can do to help limit your exposure. We will discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement activity. The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to them) and how they will be audited will be explained. Documentation requirements for compliance will be explored and a framework of security policies necessary

Overview: New changes modifying the HIPAA Privacy and Security Regulations are going into place to meet the privacy and security mandates within the HITECH Act in the American Recovery and Reinvestment Act of 2009. The changes include establishing new rights for individuals as well as changes to the limitations on uses and disclosures. New requirements for patient access to records and requirements to notify individuals in the event of a breach are only two of the many areas affected in the new law, including new requirements for restriction and accounting of disclosures and increased enforcement activity. Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates and their subcontractors will need to establish compliance programs. And if you are required to have a HIPAA Notice of Privacy Practices, you will need to update that to show all the new rights that patients will have, such as electronic copies, new rights to restrict disclosures, and much more. Business associates are now directly covered by the HIPAA privacy and security regulations and are liable for fines and penalties if they do not comply. If a business associate supplies services that interact with the new changes to the rules, the BA will need to be aware of the new requirements. We will explain what a Business Associate needs to do differently under the new regulations. Electronic records have new demands placed on them, in both providing access and in accounting for all disclosures of health information - the electronic age in health care brings new obligations to serve individuals as well as manage health information for healthcare professionals. We will discuss how disclosures must be tracked in an EHR and review the various ways patient records can be supplied electronically. The new regulations will be reviewed and their effects on usual practices will be discussed, as will what policies need to be chang

Course "Key Factors to Write an Effective Standard Operating Procedure (SOP) and Work Instructions (WIs)" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Writing SOPs or procedural documents can be challenging at times. However, writing SOPs is overall a straightforward process. However, enforcing what you already created and implemented in the pipeline is another story. The term SOP is very obvious. We have seen "clearly written description of how specific tasks are to be done." Another satisfactory definition would be "detailed written instructions that achieve the uniformity of the performance of a specific function." Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? If you are medical device or a pharmaceutical manufacturer, these definitions come as no surprise because when it comes to FDA regulations and guidance documents "establish" means to define, to document (in writing or electronically) and to implement. The goal and emphasis with FDA is simple. Proof of "Establish" is the foundation. Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? Are the procedures being followed and enforced by company personnel? SOPs are needed in regulated industries to give step-by-step instructions for performing a particular job or task. This session will provide a step-by-step overview and a snapshot of the procedure description, the process and format. The subject matter of a SOP may range from how to operate a piece of machinery to how to log into a particular software program. SOPs ensure consistency and reliability because they require training of all affected parties. This session will address recent enforcement actions for SOP related violations but no surprise. Most of our enforcement actions are documentation related, i.e., SOP or other procedural documents. We will review examples from

Course "HIPAA Security & Privacy Official - Roles and Responsibilities" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Being the HIPAA Security and Privacy Official involves not only ensuring you know the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your HIPAA Security and Privacy Official needs to understand what all the HIPAA requirements are or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive seminar. Why you should attend: The HIPAA Security and Privacy Official is the backbone of any organization's compliance program. Often times this role is assigned as collateral duty in smaller organizations. Regardless the size of an organization, the HIPAA Security and Privacy Official must know all the requirements for compliance. This is a critical element of the position. Attendees will leave the course clearly understanding the role and all the requirements as the designated as a HIPAA Security and Privacy Official. This seminar will cover reviews, creation, and amending policy and procedure. After completing this course, a HIPAA Security and Privacy Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? The Role and Responsibilities of the HIPAA Security and Privacy Official Complying with HIPAA Requirements? What are the HIPAA Security

Course "The A to Z's of HIPAA Privacy, Security, and Breach Notification Rules" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: This session is designed to provide intensive, two-day training in HIPAA compliance, including what's new in the regulations, what's changed recently, and what needs to be addressed for compliance by covered entities and business associates. The session provides the background and details for any manager of healthcare information privacy and security to know what are the most important privacy and security issues, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. Who Will Benefit: * Information Security Officers * Risk Managers * Compliance Officers * Privacy Officers * Health Information Managers * Information Technology Managers * Medical Office Managers * Chief Financial Officers * Systems Managers * Legal Counsel * Operations Directors Agenda: Day One Day one sets the stage with an overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule, recent changes to the rules, and the basics of the Security Rule Lecture 1: Overview of HIPAA Regulations * The Origins and Purposes of HIPAA * Privacy Rule History and Objectives * Security Rule History and Objectives * Breach Notification Requirements, Benefits, and Results Lecture 2: HIPAA Privacy Rule Principles, Policies and Procedures * Patient Rights under HIPAA * Limitations on Uses and Disclosures * Required Policies and Procedures * Training and Documentation Requirements Lecture 3: Recent and Proposed Changes to the HIPAA Rules * New Penalty Structure * New HIPAA Audit Program * New Patient Rights

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice or office manager needs to understand what all the HIPAA requirements are or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive course.  Why should you Attend: The practice or office manager is the backbone of any healthcare office. Besides being responsible for many of the daily operations within an office, the practice manager is often tasked with managing the HIPAA compliance program. Knowing what is required is critically important.  Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure the practice has the proper policies and procedures in place. After completing this course, a practice or office manager will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations.  Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security and Privacy Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements?

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to taken to mitigate risk. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements? What is a HIPAA data breach and what happens if it occurs? What are the penalties and fines for non-compliance and how to avoid them? Creating a Culture of Compliance Questions Who Will Benefit: Com

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your organization needs to understand the role of the HIPAA Security Official, the requirements, and make sure the current compliance program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: The role of the HIPAA Security Official is critically important in complying with the HIPAA Security Rule. Besides being responsible for many of the daily operations within an organization, the Security Official is tasked with managing the HIPAA compliance program. Knowing what is required is part of the Security Official's duties. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure on organization has the proper policies and procedures in place. After completing this course, a HIPAA Security Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Asses

Setting up a compliance program in healthcare: Organizations that set up a compliance program in healthcare should go by many voluntary regulations from the OIG, apart from those mandated by HIPAA. Setting up a compliance program in healthcare is about being compliant with standards. This entails having to be compliant with several standards, which cover a wide variety of areas. There are several voluntary and mandatory guidelines from the Office of the Inspector General (OIG), apart from standards from HIPAA. Setting up a compliance program in healthcare meeting HIPAA requirements is set out and mandated by the Patient Protection and Affordable Care Act (PPACA). Guidelines from the Office of the Inspector General (OIG) The series of compliance program guidance documents from the OIG are largely voluntary, and are meant for the different sections of the health care industry. These include Hospitals Nursing homes Third-party billers, and Durable medical equipment suppliers. These guidelines are issued with the intention of motivating healthcare units to develop and use their own internal controls aimed at helping them adhere to regulations, program requirements and statutes. The OIG issues documents, which act as guidelines for setting up a compliance program in healthcare by providing principles. These need to be adapted when healthcare organizations have to develop their own compliance program that is in tune with their best interests and needs. Another major aim is served in the implementation of these guidelines for setting up a compliance program in healthcare: They help healthcare units to understand the nature of fraud and other risks associated with abuse, when they are setting up a compliance program for their healthcare unit. HIPAA requirements Setting up a compliance program in healthcare while being compliant with HIPAA regulationsrequires a healthcare organization to put in place measures that ensure that health records must: Be confident

Overview: Discussions, presentation, and webinars regarding HIPAA regulations are usually addressed from the perspective of what the regulations entail, the necessity of compliance with the regulations, and the consequences of willful neglect or non-compliance. This presentation addresses HIPAA regulations from a different perspective - from a personal perspective - from the perspective of the person in charge of moving an organization or facility toward full compliance with HIPAA. The by-product of this presentation will be both an understanding of, and a detailed job description for, a position mandated in the regulations - the HIPAA Security/Privacy Officer. Why should you attend: The HIPAA regulations are numerous, complicated, often vague, and affect every person working in a healthcare facility. Compliance with HIPAA will require a unique individual to lead the charge - an individual whose education, background, experience, and demonstrated skill sets offer the opportunity for that person to succeed in achieving the goals of that position. This is a new position to most healthcare facilities. So understanding who this person should be, what is required of the person with this job title, and with whom this person will interface is vital to every healthcare organization with the goal of achieving full compliance with HIPAA. Areas Covered in the Session: Position goals Position requirements (education, experience, skill sets, etc.) Position responsibilities Stay abreast of regulations Initiate compliance with HIPAA (according to regulations) Ensure continuous progress toward full compliance Develop appropriate security/privacy policies & procedures Oversee and deliver appropriate training programs to all employees Track compliance with HIPAA regulations at the facility & individual levels Track access to PHI Investigate and resolve HIPAA violations Apply sanctions to HIPAA violators Manage any information security personnel Prepare a department budget Hold Bu

Overview: Discussions, presentation, and webinars regarding HIPAA regulations are usually addressed from the perspective of what the regulations entail, the necessity of compliance with the regulations, and the consequences of willful neglect or non-compliance. This presentation addresses HIPAA regulations from a different perspective - from a personal perspective - from the perspective of the person in charge of moving an organization or facility toward full compliance with HIPAA. The by-product of this presentation will be both an understanding of, and a detailed job description for, a position mandated in the regulations - the HIPAA Security/Privacy Officer. Why should you attend: The HIPAA regulations are numerous, complicated, often vague, and affect every person working in a healthcare facility. Compliance with HIPAA will require a unique individual to lead the charge - an individual whose education, background, experience, and demonstrated skill sets offer the opportunity for that person to succeed in achieving the goals of that position. This is a new position to most healthcare facilities. So understanding who this person should be, what is required of the person with this job title, and with whom this person will interface is vital to every healthcare organization with the goal of achieving full compliance with HIPAA. Areas Covered in the Session: Position goals Position requirements (education, experience, skill sets, etc.) Position responsibilities Stay abreast of regulations Initiate compliance with HIPAA (according to regulations) Ensure continuous progress toward full compliance Develop appropriate security/privacy policies & procedures Oversee and deliver appropriate training programs to all employees Track compliance with HIPAA regulations at the facility & individual levels Track access to PHI Investigate and resolve HIPAA violations Apply sanctions to HIPAA violators Manage any information security personnel Prepare a department

Incidental disclosures form the crux of HIPAA compliance and patient care. HIPAA has elaborate rules on how to maintain these and in what situations. Health Insurance Portability and Accountability Act (HIPAA), a landmark set of federal regulations, is aimed at protecting patient privacy regulations. Yet, it is understood that some information has to necessarily be shared. HIPAA compliance and patient care is centered on the inevitable disclosures that have to be made, or what are called incidental disclosures. Initially, there was some ambiguity about incidental disclosures, resulting in some kind of haziness about HIPAA compliance and patient care. With these cleared, much of HIPAA compliance and patient care hinges on this principle. Incidental disclosures determine patient care compliance with HIPAA Incidental disclosures are what are termed secondary use, i.e., it is the unavoidable or inevitable disclosure of Protected Health Information. It is understood that incidental disclosures, being a byproduct of the course or nature of the treatment; are inescapable, given the condition and situation of the patient. Guiding factors for HIPAA compliance with patient care The aim of HIPAA's Privacy Rule is to ensure that healthcare providers have to use professional judgment guided by ethical guidelines at the time of making incidental disclosures. The following bases were propounded for adherence with HIPAA compliance and patient care: Whenever there is an unavoidable breach in confidentiality, the breach should be proportionate to the potential benefit the patient's gets from care When a patient is not present in the healthcare setting or is incapacitated, information about the patient can be shared with the family, friends or whoever else is involved in the patient's care. This protocol need not be documented. In relation to the above, a requirement of HIPAA compliance for patient care is that when the patient has a condition that is not related to the present tr

Course "Validation and 21 CFR 11 Compliance of Computer Systems: Intermediate to Advanced" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Computer Systems Validation (CSV) also known as Software Validation is all-pervasive in the Life Sciences Industry. It is a requirement of all the predicate rules, as well as 21 CFR 11 and Annex 11. However, unless one knows how to implement CSV, it is often very hard to detect the requirement for CSV, and very hard to determine what needs to be done, to meet domestic and / or international regulations or business continuity requirements. In addition, the FDA has stepped up 21 CFR 11 inspections that include CSV. This course will build on the Validation and 21 CFR 11 Compliance Basic Course, to give hands on experience on executing on the computer systems validation of a system, and to discuss related activities such as Validation Master Plan, Infrastructure Qualification, Project Management for Validation and Validation of Test Tools The attendees must have attended the Basic Validation & 21 CFR 11 Compliance. This is a very hands-on class and the attendees will be expected to use templates provided in the class to create the complete package for the validation of a system The Seminar: This Hands-On course will provide the attendees with more detailed experience on validation / 21 CFR 11 compliance of a computer system, as well as details for activities associated with computer systems validation as follows: 1. Validation Master Plan 2. Complete Validation for a System 3. Excel Spreadsheet Validation 4. Change Control 5. SOPs 6. Test Tools Validation 7. Project Management for Validation Who Should Attend : * VP of IT * Director of IT * Quality Managers * Project Managers (for CSV / IT) * Validation Specialists * Database Administrators * System Administrators * Directors / Senior Directors of Discovery * Directors /

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the understanding the fundamentals of a HIPAA and how you will be required to demonstrate your organization's compliance program. If your healthcare practice, business, or organization needs to understand how to be prepared for an increase in HIPAA enforcement and make sure your current safeguards are adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: BAll most 120,000,000 individuals were affected by HIPAA data breaches in 2015. This is a significant reason why Congress has inquired about the recent and very sizeable increases in cyber-attacks that inflect the risk of medical identity theft. The HHS Office for Civil Rights not only are conducting audits but is looking to increase HIPAA enforcement. Attendees will leave the course clearly understanding of all the requirements that must be in place for HIPAA and how to demonstrate compliance if audited. After completing this course, a Covered Entity or Business Associate will be able to know what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? What are the HIPAA Security and Privacy Rules? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirement