Group items tagged

Overview: This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Updates for 2016 BYOD Portable devices B

Overview: This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Updates for 2016 BYOD Portable devices B

Overview: This lesson will be going into great detail regarding you practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices and personally owned devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures.  Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required.  Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years?  It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk.  Areas Covered in the Session: Update

Implementation of Regulatory Aspects of Clinical Research is critical One of the prime areas of clinical studies is regulatory aspects of clinical research. This applies in almost equal measure to medical research as a whole. The FDA and other regulatory bodies have spelt out a number of regulations that have to be complied with if the clinical research is to be approved. These regulatory requirements cover all aspects of clinical research. A look at some of these regulatory aspects would be instructive: FDA requirements on regulatory aspects of clinical research The FDA has an exhaustive list of regulations relating to Good Clinical Practice (GCP), the area which forms the backbone of regulatory aspects of clinical research. The FDA has a series of regulations that are aimed at bringing in discipline and process into clinical research. It implements all the laws relating to GCP passed by the American Congress. At present, there are a huge number of regulatory standards and requirements that have to be complied with by those undertaking clinical research in the US. These regulations are codified in the 21 CFR series. Notable sections of the 21 CFR series relating to regulatory aspects of clinical research include: 21 CFR Part 11 21 CFR Part 16 21 CFR Part 50 21 CFR Parts 50 and 56 21 CFR Part 54 21 CFR Part 58 21 CFR Part 312 21 CFR 312.120 21 CFR Part 314 21 CFR Part 320 21 CFR Part 511 21 CFR Part 514 21 CFR Part 601 21 CFR Part 812 21 CFR Part 814 EU requirements on regulatory aspects of clinical research In the EU, the core aspect of regulatory aspects of clinical research relates to the primary importance given to the subjects in a clinical research. For example, regulatory aspects of clinical research France are guided by the Public Health Code and Civil Code. This Code contains a list of regulatory conditions clinicians are obliged to adhere to. These regulations are to be monitored by a number of regulation enforcement bodies that the French governm

Overview: This lesson is going to get back to the basics using multiple real life scenarios and "what if's". My goal is to make this very confusing and not well explained law easy to understand for the typical staff member. I will uncover myths versus reality as it relates to this enigmatic law based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also point out multiple court cases I have been affiliated with where a staff member of a hospital or clinic has been sued or even imprisoned! I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why should you Attend: Are you confused about HIPAA? Do you just want the basics and in plain English? Do you know there are civil and criminal penalties even for the rank and file staff member! Do you know what you can and can't do with protected health information? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging fruit in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence

Course "Key Factors to Write an Effective Standard Operating Procedure (SOP) and Work Instructions (WIs)" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Writing SOPs or procedural documents can be challenging at times. However, writing SOPs is overall a straightforward process. However, enforcing what you already created and implemented in the pipeline is another story. The term SOP is very obvious. We have seen "clearly written description of how specific tasks are to be done." Another satisfactory definition would be "detailed written instructions that achieve the uniformity of the performance of a specific function." Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? If you are medical device or a pharmaceutical manufacturer, these definitions come as no surprise because when it comes to FDA regulations and guidance documents "establish" means to define, to document (in writing or electronically) and to implement. The goal and emphasis with FDA is simple. Proof of "Establish" is the foundation. Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? Are the procedures being followed and enforced by company personnel? SOPs are needed in regulated industries to give step-by-step instructions for performing a particular job or task. This session will provide a step-by-step overview and a snapshot of the procedure description, the process and format. The subject matter of a SOP may range from how to operate a piece of machinery to how to log into a particular software program. SOPs ensure consistency and reliability because they require training of all affected parties. This session will address recent enforcement actions for SOP related violations but no surprise. Most of our enforcement actions are documentation related, i.e., SOP or other procedural documents. We will review examples from

Overview: In 2013, The US Department of Health and Human Services made major changes to rules implementing The Health Insurance and Portability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act of 2003 (HITECH). Among the many areas impacted by these rules (billing, marketing, research, IT security, etc.) is fund raising. The amendments significantly modify the methods and practice that hospitals, their institutionally related foundations, and other healthcare charities may or must employ when using ANY patient or client information for fund raising. The webinar will cover how to effectively implement the fund raising regulations in a manner that increases both opportunities for philanthropic support and compliant implementation of the new mandates. The rules include specific operational requirements, some of which prohibit protocols that were required under the original HIPAA regulations. The "magic words" mandated by HIPPA-related regulations changed in multiple areas. The webinar will cover all of these areas to ensure your organization is both legally compliant and operationally effective. The types of information that may be used for fund raising changed significantly. This presents numerous substantial fund raising opportunities, as well as challenges on the use and storage of such information. Among other areas to be presented are The required method for individuals to opt-out of receiving fund raising communication The methods of informing patients and clients of their right to opt-out from receiving fund raising communication The broadly expanded types of fund raising communication subject to opt-out rights How providers, hospital, and related fund raising foundation apply an opt-out election by an individual The type of patient and client information that health charities may use for fund raising The contents of provider's Notice of Privacy Practice How clinicians can assist both their patients/clients and the

Health Information Security Compliance: Health information security compliance requirements from HIPAA keep risk management at the core. These requirements also have other guidelines. Health information security compliance is a vital requirement for healthcare providers. Healthcare professionals have to ensure security and privacy of Protected Health Information (PHI) and Electronic Protected Health Information (ePHI), which are part of Electronic Health Records (EHR). The guidelines, rules and requirements are mandated by HIPAA, which is in charge of ensuring that there is privacy and security of health information. Challenges associated with health information security compliance The very fact that a lot of health information is stored in electronic records makes health information security compliance all the more challenging. The way in which information flows between various players in the sector is also a factor: shared computers and information sharing with third party associates like laboratories and billers. If a healthcare organization is not compliant with health information security, it could be held indirectly responsible for issues arising out of these. HIPAA has regulations and guidelines on how providers can keep PHI and ePHI. It suggests and strongly recommends risk analysis as the basis for health information security compliance. These are set out in the Meaningful Use requirements. Some of risk analysis methods include or relate to the following: The provider's EHR software and hardware Assessment of whether the provider's practice protocols are adequate Risk assessment of the provider's physical setting and environment Risk assessment relating to staff education and training A thorough examination of EHR access controls Risk management relating to contracts with the provider's Business Associates The healthcare provider's practices in relation to patient relations and communications Physical measures for ensuring health information security c

Quality Assurance in Nursing Healthcare: Quality assurance in nursing is about assuring quality in nursing by ensuring that practices are compliant with quality standards. This is a full-fledged profession with its own educational and experience requirements. Quality assurance in nursing has to be understood from the standpoint of quality assurance and compliance. Quality assurance in nursing is about ensuring adherence to quality standards as mandated by nursing regulatory bodies. Quality assurance in nursing assesses what healthcare processes are in place and what else needs to be implemented to better the system. Where do quality assurance nurses work? Professionals who make a career out of quality assurance in nursing are employed in various healthcare settings. They could work in clinics or small or large hospitals. Professionals who make a career in quality assurance in nursing are licensed registered nurses. Since they are registered nurses, they should also obtain a licentiate. To get this, they should complete a prerequisite approved nursing program. The exam for getting licensure is the National Council Licensure Examination for Registered Nurses (NCLEX-RN), a computer-based examination. A higher level of education for those in quality assurance in nursing is a master's degrees inhealth care quality or a near degree. In some healthcare organizations, this is required at entry level. Some of the works they do in maintaining quality assurance in nursing include: Reviewing reports or files to make sure that activities contained in them are following regulatory clinical standards Collaborating with colleagues from other departments to which nursing is related either directly or indirectly Interacting with other hospitals or organizations, if the need arises For professionals pursuing a career in quality assurance in nursing, the ability to analyze data and manage cases is a must, as a major part of their work involves these. They should also be prompt abou

Overview: I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to what the government expects, I will uncover what is and isn't considered a high risk. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Factors that can get you audited What to do if audited How to avoid an audit altogether Business associates and the increased burden Emailing of PHI Texting of PHI BYOD Updates for 2016 Who Will Benefit: Practice Managers Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT comp

Course "HIPAA for the Compliance Officer" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: I will be going into great detail regarding you practice or business and how it relates to the HIPAA Security/Privacy Rule, Areas covered will be history of HIPAA, privacy vs security, business associates, changes for 2016, audit process, paper based PHI, HIPAA and suing, texting, email, encryption, medical messaging, voice data and much, much, more I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition, this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why you should attend: This lesson will be addressing how practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2016. There are an enormous amount of issues and risks for covered entities and business associates these days. I will speak on specific experiences from over 17 years of experience in working as an outsourced compliance auditor, expert witness on HIPAA cases, and thoroughly explain how patients are now able to get cash remedies for wrongful disclosures of private health information. More im

What is Corporate Governance? In a broad sense, corporate governance can be defined as a set of processes by which corporations are run and administered. These are a collective function of the critical, core decision makers in the organization, such as Directors, CEO, managers, investors, stakeholders, shareholders, creditors, auditors and others. Corporate Governance sets out the methods and rules for making rules that govern corporate entities. Although business is the main concern and task of an organization, Corporate Governance occupies as important a position, because while the financial aspect of a business is all about profits, the Corporate Governance aspect is primarily about its integrity, values and reputation. Corporate Governance takes into consideration all aspects of the governance of the organization from critical standpoints such as ethics, regulatory aspects, policies and mission, etc. History of the growth of Corporate Governance Although Corporate Governance has been around for a number of decades in some or another form, it came to acquire proper shape and direction of late, following the collapse of very big multinationals such as Enron, WorldCom and others. It was felt that their shady dealings, which led to huge losses for their stakeholders and eventually to the businesses collapse, could have been averted if a proper regulatory framework of Corporate Governance were in place. This is the feeling that led to the passing of the Sarbanes Oxley Act, or SOX in the early 2000's. One of the core principles enunciated in SOX related to Corporate Governance. Elements of Corporate Governance As a result of the SOX Act and other legislations in other developed countries, such as the Cadbury Report of the UK and other legislations in the OECD nations; Corporate Governance is now administered through a well-defined set of principles. As a result of these legislations, Corporate Governance is now concerned with the following: Problems areas of Co

Overview: Learn how to improve your healthcare compliance program by using requirements found in corporate integrity agreements (CIAs) issued by the OIG. By proactively incorporating various features of CIAs, healthcare providers of all types can be better assured of meeting compliance standards. While there are many different types of healthcare compliance issues, probably the area of most concern is that of properly filing claims and receiving appropriate reimbursement. The OIG has issued various types of guidance including Federal Register entries, fraud alerts, and issues as listed in the OIG Work Plans. By providing such guidance, the OIG has given healthcare providers notice so that there can be no defense of not knowing about an issue. By organizing your compliance program to detect and then correcting various types of issues is a major objective of having a compliance program. Understanding systematic processes for improving your healthcare compliance program using CIA requirements can forestall possible criminal and civil monetary penalties. The hundreds of CIAs that have been developed when the OIG detects fraudulent activities can be used as a guide for developing and improving healthcare compliance programs for all types of healthcare providers. The process of statistical extrapolation is used by the OIG when conducting studies in order to determine recoupment amounts. Statistical extrapolation can also be used by healthcare providers when determining possible overpayments. However, the proper use of statistical extrapolation is a formal and complex mathematical process that must be properly applied. The OIG CIAs provide another resource for healthcare providers to study, understand, and then apply as appropriate. Why should you Attend: What are the OIG Corporate Integrity Agreements (CIAs)? Why does the OIG issue CIAs? Can I use general requirements from CIA to avoid monetary penalties or even avoid going to jail? Can any healthcare provider use

Patient Safety in Medical Education A very important aspect of medical education that had been overlooked for a long time is patient safety. When patient safety in medical education gets relegated to the backseat; the result is there for everyone to see: something like close to a 100,000 deaths at the turn of the previous century, according to the alarming results of a comprehensive study carried out by the Institute of Medicine. The tragedy of these deaths is that these were preventable. This reinforces the belief that patient safety in medical education is the core factor, which if handled properly, can save thousands of lives. How does patient safety in medical education come about? It goes without saying that physicians and other caregivers practice in their professions what they learn in schools. So, patient safety in medical education has to be incorporated into the curriculum at the earliest stages. Hospitals, medical colleges and other institutes that impart medical education have now started taking more than mere baby steps in inculcating patient safety in medical education as a core part of teaching, the already heavily burdened curriculum in medical education notwithstanding. Efforts by medical education bodies Following the publication of the IOM report, the American Association of Medical Colleges (AAMC) and the Curriculum Management and Information Tool (CurrMit) in the US and Medical Schools Council and the General Medical Council (GMC) in the UK sprang into action, announcing a slew of measures aimed at bringing about and reinforcing patient safety in medical education. Entire lessons and chapters are devoted to patient safety in medical education. Keywords and technical jargon relating to patient safety are now a highly visible aspect of patient safety in medical education. These are spread across all disciples and subjects of medical education, be it gynecology or anesthetics. What should curricula teach about patient safety in medical edu

Rationale for Clinical Trial Regulations Clinical trials, as we all know, are carried out to test the efficacy of a new drug or device being developed for a specific condition or disease. Clinical trials are experiments that have a high degree of risk if they are not properly implemented. For this reason, it is necessary for regulatory bodies to regulate clinical trials. The core rationale for regulating the various stages of clinical trials is that human subjects, who are part of the research, have to be protected. These clinical trial regulations are legislated at all stages: local, State, national and international. Clinical trial regulations are in force in different countries of the world. Common clinical trial regulations are also made globally by the International Conference on Harmonization (ICH), which has the mandate of setting out good practices for clinical trial regulations for trials done in global cooperation. These regulations cover the administrative, procedural and ethical aspects of clinical trials. Briefly, these are the areas in which there are clinical trial regulations for each of these aspects of clinical trials: Administrative: The administrative aspects of clinical trial regulations pertain to the way the clinical trials are run, and the way they are tracked and monitored throughout their lifecycle. A clinical trial is usually monitored by a sponsoring company or a Contract Research Organization (CRO), which the former hires at times for reasons of convenience and cost cutting. Clinical trial regulations in this area is obviously of importance because if something goes wrong at any administrative stage; these can be rectified. Procedural: Procedural aspects of clinical trial regulations relate to ways by which subjects are chosen for a clinical trial. Proper care has to be taken to ensure that the subjects are appropriate for the clinical study, are from the prescribed age, geographical, demographic, racial and gender-related cl

Practical steps to compliance with HIPAA Computer Policy: That the HIPAA has a clear and stringent policy on computers is absolutely understandable, because computers constitute the very soul of HIPAA. Ensuring security of patient data is one of the core causes for which HIPAA was enacted; so, it is only natural that Computer Policy should be at the center of HIPAA compliance. A HIPAA Computer Policy rule came into effect in 2005. The nub of this enactment is to ensure that there are technical, physical and administrative security procedures that must be adhered with. These are meant for Covered Entities to ensure that the data they have of patients, namely electronic Protected Health Information (PHI) is safe and secure. Understand the reason for HIPAA Computer Policy Any implementation has to start with an understanding of the rationale for the action, right? The same goes for something as important and big as implementation of HIPAA compliance into systems. HIPAA Computer Policy is in place for a specific and critical reason ���protection of patient data, loss of which can lead to hefty penalties that can affect the business very adversely. So, installing the necessary protections is the first step to protecting vital data and with it, one's own business or practice, as well. Implement a sound access policy A strong access policy is at the heart of HIPAA Computer Policy. It is in the computer systems that all the data relating to the patient are stored. So, making sure who in the organization has access to these and how and when, is very important. Not only should access be restricted to only designated and permitted personnel in the organization; there should be a system by which tracking of access is easily determined. This is to find out who accessed which record, when, what action followed, what happened as a result of this access, and so on. Keep a record of all system components This is another step to ensuring compliance with HIPAA Computer Po

Incidental disclosures form the crux of HIPAA compliance and patient care. HIPAA has elaborate rules on how to maintain these and in what situations. Health Insurance Portability and Accountability Act (HIPAA), a landmark set of federal regulations, is aimed at protecting patient privacy regulations. Yet, it is understood that some information has to necessarily be shared. HIPAA compliance and patient care is centered on the inevitable disclosures that have to be made, or what are called incidental disclosures. Initially, there was some ambiguity about incidental disclosures, resulting in some kind of haziness about HIPAA compliance and patient care. With these cleared, much of HIPAA compliance and patient care hinges on this principle. Incidental disclosures determine patient care compliance with HIPAA Incidental disclosures are what are termed secondary use, i.e., it is the unavoidable or inevitable disclosure of Protected Health Information. It is understood that incidental disclosures, being a byproduct of the course or nature of the treatment; are inescapable, given the condition and situation of the patient. Guiding factors for HIPAA compliance with patient care The aim of HIPAA's Privacy Rule is to ensure that healthcare providers have to use professional judgment guided by ethical guidelines at the time of making incidental disclosures. The following bases were propounded for adherence with HIPAA compliance and patient care: Whenever there is an unavoidable breach in confidentiality, the breach should be proportionate to the potential benefit the patient's gets from care When a patient is not present in the healthcare setting or is incapacitated, information about the patient can be shared with the family, friends or whoever else is involved in the patient's care. This protocol need not be documented. In relation to the above, a requirement of HIPAA compliance for patient care is that when the patient has a condition that is not related to the present tr

Overview: New changes modifying the HIPAA Privacy and Security Regulations are going into place to meet the privacy and security mandates within the HITECH Act in the American Recovery and Reinvestment Act of 2009. The changes include establishing new rights for individuals as well as changes to the limitations on uses and disclosures. New requirements for patient access to records and requirements to notify individuals in the event of a breach are only two of the many areas affected in the new law, including new requirements for restriction and accounting of disclosures and increased enforcement activity. Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates and their subcontractors will need to establish compliance programs. And if you are required to have a HIPAA Notice of Privacy Practices, you will need to update that to show all the new rights that patients will have, such as electronic copies, new rights to restrict disclosures, and much more. Business associates are now directly covered by the HIPAA privacy and security regulations and are liable for fines and penalties if they do not comply. If a business associate supplies services that interact with the new changes to the rules, the BA will need to be aware of the new requirements. We will explain what a Business Associate needs to do differently under the new regulations. Electronic records have new demands placed on them, in both providing access and in accounting for all disclosures of health information - the electronic age in health care brings new obligations to serve individuals as well as manage health information for healthcare professionals. We will discuss how disclosures must be tracked in an EHR and review the various ways patient records can be supplied electronically. The new regulations will be reviewed and their effects on usual practices will be discussed, as will what policies need to be chang

2-day In-person Seminar Applied Statistics, with Emphasis on Risk Management in R&D, QA/QC, and Manufacturing Overview: The 2-day seminar explains how to apply statistics to manage risk in R&D, QA/QC, and Manufacturing, with examples derived mainly from the medical device design/manufacturing industry. The flow of topics over the 2 days is as follows: ISO standards and FDA/MDD regulations regarding the use of statistics. Basic vocabulary and concepts. Statistical Process Control Statistical methods for Design Verification Statistical methods for Product/Process Qualification Metrology: the statistical analysis of measurement uncertainty, and how it is used to establish QC specifications How to craft "statistically valid conclusion statements" (e.g., for reports) Summary, from a risk management perspective Agenda Day One Lecture 1: Regulatory Requirements Lecture 2: Vocabulary and Concepts Lecture 3: Confidence Intervals (attribute and variables data) Lecture 4: Normality Tests and Normality Transformations Lecture 5: Statistical Process Control (with focus on XbarR charts) Lecture 6: Confidence/Reliability calculations for Proportions Lecture 7: Confidence/Reliability calculations for Normally distributed data (K-tables) Lecture 8: Process Capability Indices calculations(Cp, Cpk, Pp, Ppk) Day Two Lecture 1: Confidence/Reliability calculations using Reliability Plotting (e.g., for non-normal data and/or censored studies) Lecture 2: Confidence/Reliability calculations for MTTF and MTBF (this typically applies only to electronic equipment) Lecture 3: Statistical Significance: t-Tests and related "power" estimations Lecture 4: Statistical Significance: ANOVA calculations Lecture 5: Metrology (Gage R&R, Correlation, Linearity, Bias , and Uncertainty Budgets) Lecture 6: QC Sampling Plans (C=0 and Z1.4 attribute AQL plans, and alternatives to such plans) Lecture 7: Statistically valid statements for use in reports Lecture 8: Summary and Impleme

Overview: The objectives of this course will be to go over the specific risks associated with business associates as it relates to HIPAA compliance. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. Times have changed and unfortunately many businesses are losing clients or unable to get new clients due to problems with their compliance program or lack of a compliance program. I will demonstrate from real life audits conducted by the Federal government what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. States are being encouraged by the Federal government to implement new laws to remedy their citizens. Why should you Attend: Protect your business! Business associates are now required to comply directly with the HIPAA legislation! Many businesses are losing clients or unable to get clients because of compliance issues. We will be discussing the changes taking place in Washington DC with the Health and Human Services in relating to new risks business associates face under HIPAA. I will also be discussing factors might cause an unwanted visit or letter from the Office of Civil Rights and how to prepare for the audit and deal with the Feds Areas Covered in the Session: Updates for 2016 What to do if a client requires more than just a signed business associate agreement Fines Policy and Procedure Who Will Benefit: Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc) Speaker Profile Brian Tuttle is a Certified Professional in H