Group items tagged

Course "Effective and Efficient Internal and Supplier Quality System Auditing for Medical Devices" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Do you want to understand how to do efficient and effective internal and supplier audits that meet all the requirements of your external auditors, but also add value to your company? Are you confused by all the requirements and guidance documents for medical device quality management systems and are tired of wading through all the regulatory language they contain. This course is for those who will do internal or supplier audits, manage an audit process for these or other company audits. This course will provide you with an easy to understand presentation on the auditing process as well as the requirements you will need to audit under ISO 13485 and the FDA Quality System Regulation (cGMP) Both FDA Quality System Regulation (QSR) and ISO 13485 require that companies do internal audits. However, because the FDA does not look at the content of internal audits, some companies do not get feedback on the true effectiveness of their internal audit system from the FDA during FDA Inspections. ISO 13485 auditors do look at internal audits, but are most concerned that you define a process that meets the requirements of the standard and are following your process. Both require that you define Auditor training is required, but this sometimes just requires reading the company's procedure, although most external auditors will look for more than this. Do you need to train new auditors for yours medical device quality management system or to audit your suppliers? Or do you need to improve the training of your internal and supplier auditors so that they add value to these audits? If you need to do either of these, this seminar will provide this training. In addition to auditing skills and hands-on auditing exercises, this seminar will provide an ove

Overview: Today's educated professionals function in a maze of different educational and training requirements, which vary from state to state and from profession to profession. Nowhere than in health care is this more evident where multidisciplinary health care practitioners work together towards a common goal for the patient. What is a profession? What areas of work require the unique professional education, training, and experience that becomes mandated by the state? What work requires professional judgment and skill so as to be regulated by the government through mandatory laws applicable to an individual person practicing his or her chosen profession? State laws are enacted for the protection of the public by legislatures in all the fifty states. A list of individual professions and their applicable statues and administrative regulations takes up entire volumes of lawbooks. These state laws impose significant regulation on these professionals, and often in very different ways found in many aspects of state regulation, from the educational process, the examination requirements, the state licensure applications, and the legal standards and rules of each unique profession. Explore how state licensure boards are created and function at the state level. While most such state agencies have common, core functions and operations, there are many differences - and some requirements that are truly the opposite from profession to profession. Review the common requirements the state imposes on the health care provider. Know the basics of professional education and licensure. Understand the difference between legally binding laws and mere codes of ethics, which are aspirational and do not form the basis for legal action. Find out how to understand and navigate the challenges presented from differing and conflicting state laws governing the many health care professions. Know where key requirements exist that are common to many professions. This program

Overview: Today's educated professionals function in a maze of different educational and training requirements, which vary from state to state and from profession to profession. Nowhere than in health care is this more evident where multidisciplinary health care practitioners work together towards a common goal for the patient. What is a profession? What areas of work require the unique professional education, training, and experience that becomes mandated by the state? What work requires professional judgment and skill so as to be regulated by the government through mandatory laws applicable to an individual person practicing his or her chosen profession? State laws are enacted for the protection of the public by legislatures in all the fifty states. A list of individual professions and their applicable statues and administrative regulations takes up entire volumes of lawbooks. These state laws impose significant regulation on these professionals, and often in very different ways found in many aspects of state regulation, from the educational process, the examination requirements, the state licensure applications, and the legal standards and rules of each unique profession. Explore how state licensure boards are created and function at the state level. While most such state agencies have common, core functions and operations, there are many differences - and some requirements that are truly the opposite from profession to profession. Review the common requirements the state imposes on the health care provider. Know the basics of professional education and licensure. Understand the difference between legally binding laws and mere codes of ethics, which are aspirational and do not form the basis for legal action. Find out how to understand and navigate the challenges presented from differing and conflicting state laws governing the many health care professions. Know where key requirements exist that are common to many professions. This program

Overview: New changes modifying the HIPAA Privacy and Security Regulations are going into place to meet the privacy and security mandates within the HITECH Act in the American Recovery and Reinvestment Act of 2009. The changes include establishing new rights for individuals as well as changes to the limitations on uses and disclosures. New requirements for patient access to records and requirements to notify individuals in the event of a breach are only two of the many areas affected in the new law, including new requirements for restriction and accounting of disclosures and increased enforcement activity. Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates and their subcontractors will need to establish compliance programs. And if you are required to have a HIPAA Notice of Privacy Practices, you will need to update that to show all the new rights that patients will have, such as electronic copies, new rights to restrict disclosures, and much more. Business associates are now directly covered by the HIPAA privacy and security regulations and are liable for fines and penalties if they do not comply. If a business associate supplies services that interact with the new changes to the rules, the BA will need to be aware of the new requirements. We will explain what a Business Associate needs to do differently under the new regulations. Electronic records have new demands placed on them, in both providing access and in accounting for all disclosures of health information - the electronic age in health care brings new obligations to serve individuals as well as manage health information for healthcare professionals. We will discuss how disclosures must be tracked in an EHR and review the various ways patient records can be supplied electronically. The new regulations will be reviewed and their effects on usual practices will be discussed, as will what policies need to be chang

Overview: FDA 7348.811 section 1 states, "Regardless of the type of system used by the clinical site, the regulatory requirements for clinical data do not change whether clinical data are captured on paper, electronically, or using a hybrid system." What type of system is best for your program and investigator capabilities? The wrong choice yields inspectional non compliance. The right choice of electronic data capture, direct data entry, and data management depends on a sponsor assessment of the systems and procedures at the investigator site as compliant with FDA inspectional requirements. Additional source documentation procedures (origination, authorization, and signature) are required at the investigator site to address the electronic data capture process. It is these three FDA mandated inspectional criteria, applicable to every electronic data element, that generate most of the significant inspectional noncompliant findings. Some data elements are more likely to be associated with the findings of noncompliance than others. It is in fact difficult to determine which data requires or does not require original source documentation and what defines "original source documentation". Why should you attend: Investigators commonly assume that the new guidance and regulations reduce the need for source documentation in clinical trials. In fact, there are new procedural documents relevant to the electronic source documents and direct data entry that are required to comply with the current inspectional standards and the final guidance. Sponsor due diligence in choosing, training, and monitoring investigator sites to enable the use of compliant electronic data capture is required. Basic knowledge of part 11 and GCP requirements will be helpful in attending this advanced webinar. The focus will be on the additional FDA inspectional requirements for electronic data capture, and the impact of using electronic data capture on the seven FDA inspectional priority objectives

Course "HIPAA Security & Privacy Official - Roles and Responsibilities" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Being the HIPAA Security and Privacy Official involves not only ensuring you know the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your HIPAA Security and Privacy Official needs to understand what all the HIPAA requirements are or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive seminar. Why you should attend: The HIPAA Security and Privacy Official is the backbone of any organization's compliance program. Often times this role is assigned as collateral duty in smaller organizations. Regardless the size of an organization, the HIPAA Security and Privacy Official must know all the requirements for compliance. This is a critical element of the position. Attendees will leave the course clearly understanding the role and all the requirements as the designated as a HIPAA Security and Privacy Official. This seminar will cover reviews, creation, and amending policy and procedure. After completing this course, a HIPAA Security and Privacy Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? The Role and Responsibilities of the HIPAA Security and Privacy Official Complying with HIPAA Requirements? What are the HIPAA Security

Overview: Today's health care delivery occurs in a diverse, fast-changing, multidisciplinary health care environment. This often presents challenges to the health care professional that are not easy to navigate. Medical records and their confidentiality have long been the exclusive province of state law, but has now been recognized for some time in the federal HIPAA statutes and federal regulations. Differing and even conflicting sources of requirements at the state level still exist for the retention and disposition of medical records. These sources may vary based upon the specific health care practitioner - whether physicians, dentists, psychologists, or other health care providers, including mental health practitioners. As to the specific, individual health care practitioner, state laws mandate their confidentiality, retention, and even their specific content with regards to patient, clinical records. In addition to these clinical requirements, additional state laws set forth the content and retention of other types of records kept by the professional, such as supervisory agreements with other professionals subordinate to them as well as their own unique record content requirements. With the majority of medical records moving to an electronic format, special rules now exist with regard to the confidentiality, security, retention, and disposition of electronic medical records. This is particularly important as state laws continue to allow for and regulate the provision of telemedicine by various health care practitioners. For example, while psychotherapy and mental health services are ideal treatments to offer over the internet, that is, by simultaneous audio-visual transmission between the doctor and the patient, the risks of breaches of confidentiality also vastly increase. And when the successful doctor-patient relationship is over, how does the health care practitioner providing a mental health service dispose of these electronic records? In addition to

Overview: Today's health care delivery occurs in a diverse, fast-changing, multidisciplinary health care environment. This often presents challenges to the health care professional that are not easy to navigate. Medical records and their confidentiality have long been the exclusive province of state law, but has now been recognized for some time in the federal HIPAA statutes and federal regulations. Differing and even conflicting sources of requirements at the state level still exist for the retention and disposition of medical records. These sources may vary based upon the specific health care practitioner - whether physicians, dentists, psychologists, or other health care providers, including mental health practitioners. As to the specific, individual health care practitioner, state laws mandate their confidentiality, retention, and even their specific content with regards to patient, clinical records. In addition to these clinical requirements, additional state laws set forth the content and retention of other types of records kept by the professional, such as supervisory agreements with other professionals subordinate to them as well as their own unique record content requirements. With the majority of medical records moving to an electronic format, special rules now exist with regard to the confidentiality, security, retention, and disposition of electronic medical records. This is particularly important as state laws continue to allow for and regulate the provision of telemedicine by various health care practitioners. For example, while psychotherapy and mental health services are ideal treatments to offer over the internet, that is, by simultaneous audio-visual transmission between the doctor and the patient, the risks of breaches of confidentiality also vastly increase. And when the successful doctor-patient relationship is over, how does the health care practitioner providing a mental health service dispose of these electronic records? In addit

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the understanding the fundamentals of a HIPAA compliance. If your healthcare practice, business, or organization needs to understand what is required to protect health records or make sure your current safeguards are adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: With a substantial increase HIPAA data breaches, organizations must understand the requirements to safeguard protected health information. Attendees will leave the course clearly understanding of all the requirements that must be in place for protecting the health records their organizations maintain, create, transmit, or store. After completing this course, a Covered Entity or Business Associate will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements? What is a HIPAA data breach and what happens if it occurs? What are the penalties and fines for non-compliance and how to avoid them? Creating a Culture of Compliance Questions Who Will Benefit: Compliance Of

Course "Validation and 21 CFR 11 Compliance of Computer Systems: Intermediate to Advanced" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Computer Systems Validation (CSV) also known as Software Validation is all-pervasive in the Life Sciences Industry. It is a requirement of all the predicate rules, as well as 21 CFR 11 and Annex 11. However, unless one knows how to implement CSV, it is often very hard to detect the requirement for CSV, and very hard to determine what needs to be done, to meet domestic and / or international regulations or business continuity requirements. In addition, the FDA has stepped up 21 CFR 11 inspections that include CSV. This course will build on the Validation and 21 CFR 11 Compliance Basic Course, to give hands on experience on executing on the computer systems validation of a system, and to discuss related activities such as Validation Master Plan, Infrastructure Qualification, Project Management for Validation and Validation of Test Tools The attendees must have attended the Basic Validation & 21 CFR 11 Compliance. This is a very hands-on class and the attendees will be expected to use templates provided in the class to create the complete package for the validation of a system The Seminar: This Hands-On course will provide the attendees with more detailed experience on validation / 21 CFR 11 compliance of a computer system, as well as details for activities associated with computer systems validation as follows: 1. Validation Master Plan 2. Complete Validation for a System 3. Excel Spreadsheet Validation 4. Change Control 5. SOPs 6. Test Tools Validation 7. Project Management for Validation Who Should Attend : * VP of IT * Director of IT * Quality Managers * Project Managers (for CSV / IT) * Validation Specialists * Database Administrators * System Administrators * Directors / Senior Directors of Discovery * Directors /

Course "HIPAA - Putting an Organizational Compliance Program in Place" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive 2 day training course. Why you should attend With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session * Why was HIPAA created? * What is HITECH and the Omnibus Rule? * Who Must Comply with HIPAA Requirements? * What are the HIPAA Security and Privacy Rules? * What is a HIPAA Compliance Program? * What is a HIPAA Risk Management Plan? * What is meant by

Course "HIPAA - Putting an Organizational Compliance Program in Place" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive 2 day training course. Why you should attend: With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to be taken to mitigate risk. The seminar will include practical exercise to assist in knowing how to develop, review, and amend HIPAA policy and procedure. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: · Why was HIPAA created? · What is HITECH and the Omnibus Rule? · Who Must Comply with HIPAA Requirements? · What are the HIPAA Security and Privacy Rules? · What i

Course "Validation and 21 CFR 11 Compliance of Computer Systems: Intermediate to Advanced" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Computer Systems Validation (CSV) also known as Software Validation is all-pervasive in the Life Sciences Industry. It is a requirement of all the predicate rules, as well as 21 CFR 11 and Annex 11. However, unless one knows how to implement CSV, it is often very hard to detect the requirement for CSV, and very hard to determine what needs to be done, to meet domestic and / or international regulations or business continuity requirements. In addition, the FDA has stepped up 21 CFR 11 inspections that include CSV. This course will build on the Validation and 21 CFR 11 Compliance Basic Course, to give hands on experience on executing on the computer systems validation of a system, and to discuss related activities such as Validation Master Plan, Infrastructure Qualification, Project Management for Validation and Validation of Test Tools The attendees must have attended the Basic Validation & 21 CFR 11 Compliance. This is a very hands-on class and the attendees will be expected to use templates provided in the class to create the complete package for the validation of a system The Seminar: This Hands-On course will provide the attendees with more detailed experience on validation / 21 CFR 11 compliance of a computer system, as well as details for activities associated with computer systems validation as follows: 1. Validation Master Plan 2. Complete Validation for a System 3. Excel Spreadsheet Validation 4. Change Control 5. SOPs 6. Test Tools Validation 7. Project Management for Validation Who Should Attend: * VP of IT * Director of IT * Quality Managers * Project Managers (for CSV / IT) * Validation Specialists * Database Administrators * System Administrators * Directors / Senior Directors of Discovery * Directors / Senior

Course "Supplier Management for Medical Device Manufacturers" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Supplier selection and management is one of the critical issues for medical device manufacturers. Suppliers provide materials and services to the device manufacturer, which means that they can be critical to performance and delivery of your device. Neither the FDA nor your notified body regulates your suppliers (with a few exceptions). They expect you to have an effective process to ensure your suppliers perform in the regulatory environment. How well do you understand the requirements for supplier management? Could you pass a regulatory audit or inspection without any issues? This course delivers the tools, templates, and methods to help participants implement an effective and efficient supplier management program. This two-day hands-on course provides a clear understanding of the underlying principles of supplier management. The course uses exercises to solidify understanding. In addition, the course uses FDA Warning Letters to illustrate the points and help you learn from others. As part of the practical implementation, the course includes receiving acceptance activities, outsourced processes, process validation at the suppliers' location, supplier auditing techniques, and supplier issues in management review. The course uses the Global Harmonization Task Force (GHTF) framework, but expands it to cover other issues and techniques important in effective implementation. Why should you attend: Since FDA regulations do not allow them to audit your suppliers unless they make finished medical devices, they require that you have sufficient control over them. But from time to time the FDA makes a reinterpretation of what this means. This happened within the last f 5 years, so if you supplier management program is older than that, you need to make major changes in you supp

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your organization needs to understand the role of the HIPAA Security Official, the requirements, and make sure the current compliance program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: The role of the HIPAA Security Official is critically important in complying with the HIPAA Security Rule. Besides being responsible for many of the daily operations within an organization, the Security Official is tasked with managing the HIPAA compliance program. Knowing what is required is part of the Security Official's duties. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure on organization has the proper policies and procedures in place. After completing this course, a HIPAA Security Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Asses

Course "Key Factors to Write an Effective Standard Operating Procedure (SOP) and Work Instructions (WIs)" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Writing SOPs or procedural documents can be challenging at times. However, writing SOPs is overall a straightforward process. However, enforcing what you already created and implemented in the pipeline is another story. The term SOP is very obvious. We have seen "clearly written description of how specific tasks are to be done." Another satisfactory definition would be "detailed written instructions that achieve the uniformity of the performance of a specific function." Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? If you are medical device or a pharmaceutical manufacturer, these definitions come as no surprise because when it comes to FDA regulations and guidance documents "establish" means to define, to document (in writing or electronically) and to implement. The goal and emphasis with FDA is simple. Proof of "Establish" is the foundation. Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? Are the procedures being followed and enforced by company personnel? SOPs are needed in regulated industries to give step-by-step instructions for performing a particular job or task. This session will provide a step-by-step overview and a snapshot of the procedure description, the process and format. The subject matter of a SOP may range from how to operate a piece of machinery to how to log into a particular software program. SOPs ensure consistency and reliability because they require training of all affected parties. This session will address recent enforcement actions for SOP related violations but no surprise. Most of our enforcement actions are documentation related, i.e., SOP or other procedural documents. We will review examples from

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice or office manager needs to understand what all the HIPAA requirements are or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive course.  Why should you Attend: The practice or office manager is the backbone of any healthcare office. Besides being responsible for many of the daily operations within an office, the practice manager is often tasked with managing the HIPAA compliance program. Knowing what is required is critically important.  Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure the practice has the proper policies and procedures in place. After completing this course, a practice or office manager will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations.  Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security and Privacy Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements?

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to taken to mitigate risk. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements? What is a HIPAA data breach and what happens if it occurs? What are the penalties and fines for non-compliance and how to avoid them? Creating a Culture of Compliance Questions Who Will Benefit: Com

OSHA's Standards on Fire Protection in the Workplace : When it comes to Fire Protection in the Workplace; there are several guidelines to be followed. One could go by common sense, but it is not usually sufficient, which is why OSHA has standards relating to Fire Protection in the Workplace. Like it does for all its safety requirements; OSHA requires the employer to take obligatory steps for the protection of employees from fire. These are covered in Title 29 of the Code of Federal Regulations Part 1910 Subparts E and L; and Part 1926 Subparts C and F. Employer obligations are the core of Fire Protection in the Workplace Requiring employers to carry out roles during a fire emergency and training employees towards the same are the foundation of OSHA standards on Fire Protection in the Workplace. Training employees on OSHA's standards on Fire Protection in the Workplace entails training them on all the core areas of handling a fire: The ways of using fire exits The ways of using fire extinguishing equipment The ways by which to organize an emergency exit plan The ways of using fire exits: Fire Protection in the Workplace on fire exits involves having to put in place a well-designed exit route for employees, so that they escape during a fire easily. These should be done keeping in mind the structure of the building. Keeping the exit route free of obstacles is another important requirement of OSHA's standards on Fire Protection in the Workplace. The ways of using fire extinguishing equipment: Having portable fire extinguishing equipment is not mandatory for OSHA, but employees must be properly trained on their use, should an employer have one. These equipment have to be placed at a convenient location for everyone to access easily. The ways by which to organize an emergency exit plan: An emergency exit plan is required as part of Fire Protection in the Workplace for some kinds of employers. It is for those whose activity involves the heavy use of hazardous chemica

Overview: The webinar will concentrate on topics that HHS has announced will be the focus of the first round of "desk audits". They reflect significant areas of non-compliance revealed in the 2012 pilot audits and HHS HIPAA violation investigations concluded by Resolution Agreements and Corrective Action Plans. They include: HIPAA Risk Analysis Risk Management based on Risk Analysis Breach Notification Notice of Privacy Practices (for Covered Entities) Minimum Necessary Standard Access of Individuals to their PHI Authorizations Workforce Training This webinar is vital because, in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA Compliance documentation ready to submit on two weeks notice to HHS you are implementing an effective HIPAA Compliance program. In addition, every Covered Entity or Business Associate may face an HHS HIPAA Compliance investigation at any time due to a complaint or a Breach. If you are "audit ready" you will be ready for an investigation - and better able to avoid complaints and prevent breaches. Why should you attend: Every Covered Entity and Business Associate is liable - without prior notice - to be audited for HIPAA Compliance by HHS You will have only 2 weeks after receiving your HIPAA Compliance Audit notification and data request to upload all requested documents to an HHS HIPAA Compliance Audit Portal The HIPAA Compliance Audit data request you receive will specify content and file organization, file names and any other document submission requirements Auditors will not contact an audited entity for clarifications or ask for additional information - it is essential that submitted documents are current, accurately reflect the entity's HIPAA Compliance program and demonstrate HIPAA Compliance Only data submitted on time will be assessed Failure to respond on time may be referred to the HHS regional

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analys