Group items tagged

Course "New HIPAA Audit and Enforcement Activities: Being Prepared to Show your Compliance " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: We will be discussing the history and evolution of HIPAA Privacy/Security and the major points you need to understand to proactively protect your practice or business from the imminent federal auditing process: * History of HIPAA * HITECH * HIPAA Omnibus Rule * How to perform a HIPAA Security Risk Assessment * What is involved in a Federal audit and how is it conducted * Risk factors for a federal audit * How to avoid a Federal audit * Business Associates and HIPAA audits * EHR and HIPAA * Business Continuity/Disaster Recovery Planning * Assessing your contractors and sub-contractors * In depth discussions on IT down to the nuts and bolts * Risk factors that can cause an audit (low hanging fruit) * New rules which grant states ability to sue citing HIPAA on behalf of a patient * New funding measures Why should you attend : The evolutions of this enigmatic law and how what was once relative benign in terms of enforcement is now fully funded and aggressive. Learn what you can do to be prepared for an audit and how to lower risks of ever being audited. It is absolutely imperative that you are proactive and not reactive with your compliance program, this is a necessary evil and you need to protect your practice or your business and limit risks from the imminent Federal audits. Join me in keeping up with this very confusing law and take advantage of all the templates and information provided as part of the seminar. Areas Covered in the Session: * HIPAA -Brief History * HIPAA Privacy Rule vs HIPAA Security Rule * HITECH Act * Breach Notification Rule * Omnibus Rule and audits * Business Associates and audits * Current Court Cases (precedence) * Paper Based PHI Concerns and how to lower risk

Overview: Learn how to improve your healthcare compliance program by using requirements found in corporate integrity agreements (CIAs) issued by the OIG. By proactively incorporating various features of CIAs, healthcare providers of all types can be better assured of meeting compliance standards. While there are many different types of healthcare compliance issues, probably the area of most concern is that of properly filing claims and receiving appropriate reimbursement. The OIG has issued various types of guidance including Federal Register entries, fraud alerts, and issues as listed in the OIG Work Plans. By providing such guidance, the OIG has given healthcare providers notice so that there can be no defense of not knowing about an issue. By organizing your compliance program to detect and then correcting various types of issues is a major objective of having a compliance program. Understanding systematic processes for improving your healthcare compliance program using CIA requirements can forestall possible criminal and civil monetary penalties. The hundreds of CIAs that have been developed when the OIG detects fraudulent activities can be used as a guide for developing and improving healthcare compliance programs for all types of healthcare providers. The process of statistical extrapolation is used by the OIG when conducting studies in order to determine recoupment amounts. Statistical extrapolation can also be used by healthcare providers when determining possible overpayments. However, the proper use of statistical extrapolation is a formal and complex mathematical process that must be properly applied. The OIG CIAs provide another resource for healthcare providers to study, understand, and then apply as appropriate. Why should you Attend: What are the OIG Corporate Integrity Agreements (CIAs)? Why does the OIG issue CIAs? Can I use general requirements from CIA to avoid monetary penalties or even avoid going to jail? Can any healthcare provider use

Dealing with Medicare and Medicaid Overpayments : Medicare and Medicaid overpayments are pretty common. If they are not dealt with properly, they invite penalties. Medicare and Medicaid Overpayments happen when a person, provider or supplier receives a payment that is in excess of the amount due to him or her under Medicare statutes and regulations. This overpayment becomes a federal debt that is owed by the individual to the State. So, Centers for Medicare and Medicaid Services (CMS) is required by federal law to recover this amount. Overpayments routinely occur in Medicare and Medicaid. Many a time, these are unintended and are usually a result of oversight, but could also happen due to intent. Some of the most common reasons for which Medicare and Medicaid overpayments occur can be when: Duplicate submissions of the same service or claim are made Excessive or non-covered services are billed or furnished for billing Services that are not necessary medically or are excluded are paid for The wrong payee gets paid. How are Medicare and Medicaid overpayments processed? Obamacare has amended the federal False Claims Act (FCA), which is part of the Fraud Enforcement Recovery Act of 2009 (FERA), to add provisions relating to recovery of Medicare and Medicaid overpayments. This is how the process of Medicare and Medicaid overpayments works: Whenever Medicare comes to know that any overpayment of $10 (raised to $25 from July 2014) or more is made, it directs the Medicare Administrative Contractor (MAC) to initiate the process of recovery of this overpayment. The MAC starts the process by initially mailing a demand letter in which repayment is requested If no action is taken, a second and third demand letters are mailed in a month following the first one. Contents of a demand mail from Medicare/Medicaid: The demand letter sent by the MAC will explain the details of the Medicare and/or overpayment. When repayment is not made in full within 30 days, interest starts get

Course "HIPAA for the Compliance Officer" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: I will be going into great detail regarding you practice or business and how it relates to the HIPAA Security/Privacy Rule, Areas covered will be history of HIPAA, privacy vs security, business associates, changes for 2016, audit process, paper based PHI, HIPAA and suing, texting, email, encryption, medical messaging, voice data and much, much, more I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition, this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why you should attend: This lesson will be addressing how practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2016. There are an enormous amount of issues and risks for covered entities and business associates these days. I will speak on specific experiences from over 17 years of experience in working as an outsourced compliance auditor, expert witness on HIPAA cases, and thoroughly explain how patients are now able to get cash remedies for wrongful disclosures of private health information. More im

Overview: Drug and device research is confusing and difficult on its own but when you start combining drugs with devices the regulatory landscape changes as there are more nuances to deal with. Knowing how drug and device studies are each regulated is important in navigating the challenges posed by studies that wish to use both. It is also important to be aware of current guidance affecting the use of both drugs and devices in a study as well current guidance affecting the classification of devices. Why should you attend: Information on drugs and devices is plentiful. But, it can also be daunting .The webinar will give attendees a foundation and a starting point on which they can build. Learning objectives: Define drug research Define device research Explore the differences between the two Describe requirements when drugs and devices are combined in one study Areas Covered in the Session: Defining Drug Research FDA approved drugs Investigational drugs Compassionate use Defining Device Research FDA approved devices 510 K devices Humanitarian Device Exemptions Invitro Diagnostic Devices Investigational Devices Federal regulations governing drugs and devices Guidance governing drugs and devices Combining devices and drugs into one study What are the requirements? What are the regulations and guidance? How these studies are reviewed Who Will Benefit: Investigators Researchers Research Staff Study Coordinators Auditors Research Administrators Speaker Profile Sarah Fowler-Dixon is Education Specialist and instructor with Washington University School of Medicine. She has developed a comprehensive education program for human subject research which has served as a model for other institutions. She crafted budgets, policies, procedures, reporting, and training for the new program. She has initiated the planning, development, authorship and implementation of many human subjects research policies, practices, guidelines, submission and reviewer forms often working with st

Overview: The trial master file is a hard copy of all documentation relating to a clinical trial. It contains essential documents. When studies are conducted under ICH E6 Good Clinical Practices (GCP), this collection of documents must be present before, during and after the trial. These documents help provide quality assurance and help researchers evaluate their compliance with GCP, federal regulations and applicable laws. Why should you Attend: Anyone responsible for handling trial documentation or quality assurance activities. Areas Covered in the Session: Trial Master File (TMF): what is it? Essential documents required ICH guidelines and Good Clinical Practice (GCP) Food and Drug Administration (FDA) guidance and expectations Paper or electronic trial master files - what is allowable Links to useful resources Who Will Benefit: This webinar will provide valuable assistance to all personnel in: Human Subjects Research Healthcare interested in exploring the field of Clinical Research New Clinical Research Coordinator positions (1-2 years) New Principal Investigator positions Administration in charge of Clinical Research Regulatory Compliance Speaker Profile Sarah Fowler-Dixon is Education Specialist and instructor with Washington University School of Medicine. She has developed a comprehensive education program for human subject research which has served as a model for other institutions. She crafted budgets, policies, procedures, reporting, and training for the new program. She has initiated the planning, development, authorship and implementation of many human subjects research policies, practices, guidelines, submission and reviewer forms often working with state and federal authorities. She has provided consultation regarding ethical, federal, state, and institutional requirements for faculty and staff both in the design and execution of their projects and teaches research ethics and regulatory affairs and the fundamentals of research manageme

Overview: Remember spaghetti code? The HIPAA breach area is now almost as convoluted and overlapping and confusing as spaghetti code. Sometimes you think you are both coming and going at the same time when you think through an event to determine if your organization has had a breach. For example: Is a security incident always a beach? Is an ePHI breach a security incident as well? Is a cybersecurity event always a breach? What if it does not steal any clinical information, diagnoses or procedures information, or any payment information? A security incident? Or both? Are all the necessary kinds of notice in the Breach rule? What is Cybersecurity Insurance? Is it really the finger in the dike or itself full of Swiss cheese? Can the loss of patient or member data be a HIPAA breach and identity theft plus a fraud issue? Why should you Attend: HIPAA breaches now number in the multiple thousands, if not multiple millions. Your organization needs to be prepared for the initial sense of panic, a complete investigation, and the federal, state and reputational costs of a mega breach. A breach now costs in money approximately $225/record. And this does not include any fine of any type. The loss and theft of 1000 records may cost you organization from a quarter to $1 M, or more, and 6 months to a year to resolve. You need to know the basics of what PHI and ePHI really are; what puts the event into the breach safe harbor, what breach exceptions keeps the event out of OCR's hands, what the 4 factors are and how they are used. You need to know that your organization's breach plan and your policies and procedures include the need to notify when necessary the police, the FBI and other state and federal organizations beyond the Office for Civil Rights. Your organization needs to know how to protect itself after the fact by considering Cybersecurity Insurance. Areas Covered in the Session: Definition and reporting of a Security Incident Definition of a breach Breach Guidance Br

Basics of the Anti-Kickback Statute : The Anti-Kickback Statute is aimed at curbing abuse and fraud in the Medicare and Medicaid systems by professionals who offer services and benefit in direct or indirect ways. In order to protect Medicare and Medicaid patients, as well as federal health care programs from abuse and fraud; the Anti-Kickback Statute was enacted. The core act that the Anti-Kickback Statute considered as fraud and abuse is the unlawful acceptance or diversion of money into influencing medical decision-making. The Anti-Kickback Statute is very clear on this. It states that anyone in the healthcare industry, who consciously and deliberately accepts a fee or remuneration of any kind or offers the same with the intention of manipulating the course of a medical decision-making, is liable to punishment. What acts attract penalties? Acts of various kinds attract penalties under the Anti-Kickback Statute. Some of these include: Carrying out advertising or marketing activities for promoting the brand of health care providers Participating in affiliate programs or pay per click commissions Working out promotion agreements with multiple companies Taking part in sponsorships Working out strategic alliances with healthcare providers Licensing content or technology Selling a healthcare provider's brands of products or services Taking a cut in the advertising revenue The nature of penalties under the Anti-Kickback Statute The Anti-Kickback Statute states major penalties for acts it prohibits. The Anti-Kickback Statute prescribes these major penalties: Up to five years in prison This has the potential to attract additional monetary fines of up to $25,000 Administrative civil money penalties that can go up to $50,000 In addition, the Office of Inspector General (OIG) could initiate administrative proceedings and take steps aimed at prohibiting anyone convicted of an Anti-Kickback violation from participating in State and federal programs. The OIG could also impose

Overview: The Sunshine Act, or Open Payments Program, requires manufacturers of drugs, medical devices, and biologics that participate in U.S. federal health care programs to report certain payments and items of value given to physicians and teaching hospitals. This Act was part of a healthcare reform bill adopted in March 2010. It came about due to requests for increased transparency about the financial relationships between physicians and industry. The Centers for Medicare and Medicaid (CMS) issued the final rules in 2013 which implemented the Sunshine Act. Why should you Attend: Anyone required to adhere to the Sunshine Act standards or anyone interested in knowing what must be reported and made public. Areas Covered in the Session: Purpose of the Sunshine Act Who is required to report under the Sunshine Act? What is reported? Exclusions Tracking Penalties Useful links Who Will Benefit: This webinar will provide valuable assistance to all personnel in: Human Subjects Research Healthcare interested in exploring the field of Clinical Research Clinical Research Coordinators Principal Investigators/Physicians Administration in charge of Clinical Research Regulatory Compliance Speaker Profile Sarah Fowler-Dixon is Education Specialist and instructor with Washington University School of Medicine. She has developed a comprehensive education program for human subject research which has served as a model for other institutions. She crafted budgets, policies, procedures, reporting, and training for the new program. She has initiated the planning, development, authorship and implementation of many human subjects research policies, practices, guidelines, submission and reviewer forms often working with state and federal authorities. She has provided consultation regarding ethical, federal, state, and institutional requirements for faculty and staff both in the design and execution of their projects and teaches research ethics and regulatory affairs and the fu

Overview: Today's health care delivery occurs in a diverse, fast-changing, multidisciplinary health care environment. This often presents challenges to the health care professional that are not easy to navigate. Medical records and their confidentiality have long been the exclusive province of state law, but has now been recognized for some time in the federal HIPAA statutes and federal regulations. Differing and even conflicting sources of requirements at the state level still exist for the retention and disposition of medical records. These sources may vary based upon the specific health care practitioner - whether physicians, dentists, psychologists, or other health care providers, including mental health practitioners. As to the specific, individual health care practitioner, state laws mandate their confidentiality, retention, and even their specific content with regards to patient, clinical records. In addition to these clinical requirements, additional state laws set forth the content and retention of other types of records kept by the professional, such as supervisory agreements with other professionals subordinate to them as well as their own unique record content requirements. With the majority of medical records moving to an electronic format, special rules now exist with regard to the confidentiality, security, retention, and disposition of electronic medical records. This is particularly important as state laws continue to allow for and regulate the provision of telemedicine by various health care practitioners. For example, while psychotherapy and mental health services are ideal treatments to offer over the internet, that is, by simultaneous audio-visual transmission between the doctor and the patient, the risks of breaches of confidentiality also vastly increase. And when the successful doctor-patient relationship is over, how does the health care practitioner providing a mental health service dispose of these electronic records? In addit

Overview: Section 13411 of the Health Information Technology for Economic and Clinical Health (HITECH) Act, requires Health and Human Services (HHS) to conduct periodic audits of providers and business associates to ensure their compliance with the HIPAA Security and Privacy Rule, and breach notification standards. To implement this mandate, the Office of Civil Rights (OCR) has conducted HIPAA/HITECH audit program with KPMG of 115 health care organizations to assess privacy and security compliance. This webinar will focus on the implementation and tracking of HIPAA audit best practices in a healthcare setup in order to prepare for the federal audit using published OCR audit protocols. Every audit begins with interviews, a questionnaire, and a thorough policy and procedures review. Presenter, with his decades of knowledge in the compliance, legal, auditing and security areas, will walk the attendees through the audit process, documentation requirements, and implementation specifications of the HIPAA privacy, security and breach rules. This presentation not only provides opportunity for the participants to prepare for the federal HIPAA audit but also to improve the security posture of their organizations by adopting to changing technology (mobile, social media, Health Information Exchange(HIE), cloud services, etc.) and threat landscape perspective as well. This presentation will uncover reasons why many health information breaches are occurring and help organizations better secure and comply with electronic protected health information by meeting the required and addressable HIPAA/HITECH security rules. The presenter will also share the best practices used for HIPAA security implementation and continuous risk assessment which is considered as "due diligence" by auditors for the HIPAA security compliance program. Areas Covered in the Session: Healthcare Technology Adoption/Trends Healthcare Regulatory (HIPAA/HITECH) and OCR/HHS Audit Overview Differences between

The Clinical Laboratory Improvement Amendments of 1988 All clinical laboratory testing done on humans in the US, save those done for basic research and clinical trials, have to comply with the provisions of the Clinical Laboratory Improvement Amendments (CLIA). Clinical Laboratory Improvement Amendments, a set of federal amendments carried out in 1988 set out federal standards for carrying out clinical laboratory testing. A clinical laboratory is, according to the CLIA, a facility in which laboratory testing is done on samples procured from humans. This testing is done with the aim of obtaining information with the intention of evaluating health, using which clinicians diagnose, prevent, or treat disease. Having defined a clinical laboratory thus, the Clinical Laboratory Improvement Amendments set out the regulatory guidelines on which clinical trials are to be administered. The fundamental aim of the Clinical Laboratory Improvement Amendments is to ensure accuracy, efficacy, safety, reliability and efficiency of clinical trials. The Clinical Laboratory Improvement Amendments seek to do this by setting aside grades for a range of criteria that relate to these aspects of the clinical trial. These grades are given from a score of 1, meaning the lowest, to 3, the highest, to assess as many as seven criteria of a particular clinical trial. These seven criteria are: Knowledge Materials used in proficiency, quality control, and calibration of materials Features of operational steps Experience and training Troubleshooting of test system troubleshooting and maintenance of equipment Preparation of reagents and other materials Interpreting and judging the results of the tests Points to be borne in mind for enforcing provisions of the Clinical Laboratory Improvement Amendments Provisions set out in the Clinical Laboratory Improvement Amendments are to be enforced through a set of parameters. These include: Procedure manual A basic part of the Clinical Lab

Overview: Today's health care delivery occurs in a diverse, fast-changing, multidisciplinary health care environment. This often presents challenges to the health care professional that are not easy to navigate. Medical records and their confidentiality have long been the exclusive province of state law, but has now been recognized for some time in the federal HIPAA statutes and federal regulations. Differing and even conflicting sources of requirements at the state level still exist for the retention and disposition of medical records. These sources may vary based upon the specific health care practitioner - whether physicians, dentists, psychologists, or other health care providers, including mental health practitioners. As to the specific, individual health care practitioner, state laws mandate their confidentiality, retention, and even their specific content with regards to patient, clinical records. In addition to these clinical requirements, additional state laws set forth the content and retention of other types of records kept by the professional, such as supervisory agreements with other professionals subordinate to them as well as their own unique record content requirements. With the majority of medical records moving to an electronic format, special rules now exist with regard to the confidentiality, security, retention, and disposition of electronic medical records. This is particularly important as state laws continue to allow for and regulate the provision of telemedicine by various health care practitioners. For example, while psychotherapy and mental health services are ideal treatments to offer over the internet, that is, by simultaneous audio-visual transmission between the doctor and the patient, the risks of breaches of confidentiality also vastly increase. And when the successful doctor-patient relationship is over, how does the health care practitioner providing a mental health service dispose of these electronic records? In addition to

Overview: This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Updates for 2016 BYOD Portable devices B

Overview: This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Updates for 2016 BYOD Portable devices B

Healthcare fraud and abuse: Healthcare fraud and abuse are different but related kinds of malpractice. They affect everyone concerned: the patient, the healthcare unit, the healthcare sector, and eventually, the economy. Healthcare fraud and abuse are serious malpractices that can have very grave consequences for the patient, the hospital and the healthcare sector. They can also cost taxpayers heavy amounts of money. Healthcare fraud: There is some distinction between healthcare fraud and healthcare abuse. Healthcare fraud is said to happen, according to medicare.gov, when Medicare gets billed for a service or supply the end user never gets. These fraudulent claims result in loss of billions of dollars of revenue to Medicare each year. Healthcare fraud could be said to happen when: False statements are submitted knowingly or facts are misrepresented with the purpose of obtaining a federal health care payment for claims for which the person is not entitled A person knowingly solicits, pays, or/and accepts a payment with the intention of inducing or rewarding referrals for services or items that any of the federal healthcare programs reimburse Eligibility is falsified Prohibited referrals are made for select, designated health services Healthcare abuse: Although related, healthcare fraud and abuse are not totally similar to each other in spirit. A healthcare abuse can be when physicians do not comply with or bypass established good medical practices or administer treatments that are not necessary. This is less serious than fraud in terms of intent, but carries the same consequences: loss of billions of dollars to the exchequer and potential damage the patient's health and the physician's and/or healthcare provider's reputation. Some examples of healthcare abuse These are some of the examples of healthcare abuse: When services that are not medically warranted are performed and charged for When services and/or supplies are charged in excess of their actual value

Overview: FDA 7348.811 section 1 states, "Regardless of the type of system used by the clinical site, the regulatory requirements for clinical data do not change whether clinical data are captured on paper, electronically, or using a hybrid system." What type of system is best for your program and investigator capabilities? The wrong choice yields inspectional non compliance. The right choice of electronic data capture, direct data entry, and data management depends on a sponsor assessment of the systems and procedures at the investigator site as compliant with FDA inspectional requirements. Additional source documentation procedures (origination, authorization, and signature) are required at the investigator site to address the electronic data capture process. It is these three FDA mandated inspectional criteria, applicable to every electronic data element, that generate most of the significant inspectional noncompliant findings. Some data elements are more likely to be associated with the findings of noncompliance than others. It is in fact difficult to determine which data requires or does not require original source documentation and what defines "original source documentation". Why should you attend: Investigators commonly assume that the new guidance and regulations reduce the need for source documentation in clinical trials. In fact, there are new procedural documents relevant to the electronic source documents and direct data entry that are required to comply with the current inspectional standards and the final guidance. Sponsor due diligence in choosing, training, and monitoring investigator sites to enable the use of compliant electronic data capture is required. Basic knowledge of part 11 and GCP requirements will be helpful in attending this advanced webinar. The focus will be on the additional FDA inspectional requirements for electronic data capture, and the impact of using electronic data capture on the seven FDA inspectional priority objectives

Overview: The objectives of this course will be to go over the specific risks associated with business associates as it relates to HIPAA compliance. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. Times have changed and unfortunately many businesses are losing clients or unable to get new clients due to problems with their compliance program or lack of a compliance program. I will demonstrate from real life audits conducted by the Federal government what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. States are being encouraged by the Federal government to implement new laws to remedy their citizens. Why should you Attend: Protect your business! Business associates are now required to comply directly with the HIPAA legislation! Many businesses are losing clients or unable to get clients because of compliance issues. We will be discussing the changes taking place in Washington DC with the Health and Human Services in relating to new risks business associates face under HIPAA. I will also be discussing factors might cause an unwanted visit or letter from the Office of Civil Rights and how to prepare for the audit and deal with the Feds Areas Covered in the Session: Updates for 2016 What to do if a client requires more than just a signed business associate agreement Fines Policy and Procedure Who Will Benefit: Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc) Speaker Profile Brian Tuttle is a Certified Professional in H

A Basic Understanding of Shipyard Workplace Safety Shipyard Workplace Safety is a high importance, high criticality area for safety regulation. This is so because shipyards are among the most hazardous of places to work in. it is estimated that at any point of time, the number and incidences of injuries and fatalities in the shipyard industry is at least twice that of the next most hazardous industry, construction. This calls for urgent and important Shipyard Workplace Safety regulations. Present Shipyard Workplace Safety Regulations OSHA has a number of Shipyard Workplace Safety regulations for this industry. These need to be read with CFR Title 29 Code of Federal Regulations (CFR) Part 1915, which not only lay out regulations, but also prescribe codes and methods of implementation of these regulations. Why these two regulations need to be implemented together is that there may be a few hazards not covered by Shipyard Industry standards set out by OSHA. These gaps are covered by the regulations set out in CFR 1915, making these a well-rounded set of regulations for Shipyard Workplace Safety. The need for Shipyard Workplace Safety regulations The need for Shipyard Workplace Safety is acutely felt because of the sheer variety of hazards that present themselves in shipyards. Shipyards, which employ between a few dozen and a few thousand employees each, are a site of potentially serious accidents. Even if accidents do not occur, the very nature of work done at these shipyards can be dangerous and hazardous. Shipyard Workplace Safety is a core requirement that employers in this industry have to keep in mind and put in place. The nature of their work could range from and include any or many of these: Scrapping Demolition Electrical Fabrication Creating large and heavy steel or iron plates, sheets, beams, pipes and related items Soldering Drilling Dealing with propulsion systems Welding Shipyard Workplace Safety has to begin with an understanding of these issue

Course "HIPAA Security & Privacy Official - Roles and Responsibilities" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Being the HIPAA Security and Privacy Official involves not only ensuring you know the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your HIPAA Security and Privacy Official needs to understand what all the HIPAA requirements are or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive seminar. Why you should attend: The HIPAA Security and Privacy Official is the backbone of any organization's compliance program. Often times this role is assigned as collateral duty in smaller organizations. Regardless the size of an organization, the HIPAA Security and Privacy Official must know all the requirements for compliance. This is a critical element of the position. Attendees will leave the course clearly understanding the role and all the requirements as the designated as a HIPAA Security and Privacy Official. This seminar will cover reviews, creation, and amending policy and procedure. After completing this course, a HIPAA Security and Privacy Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? The Role and Responsibilities of the HIPAA Security and Privacy Official Complying with HIPAA Requirements? What are the HIPAA Security