Group items matching

in title, tags, annotations or url

Understanding Medical Identity Theft and ways of preventing it Medical Identity Theft is a common phenomenon in today's situation, where most health records are digitized. Although a lot of precaution goes into the security and protection of these records, Medical Identity Theft is a cause for worry. medicalIdentityTheft The most common types of data that are stolen are Social Security Number (SSN), name and the Medicare number, the most potent tools with which to impersonate and manipulate data. Why do crooks steal medical data? Medical Identity Theft happens mainly because hackers and mischief-makers access protected data to lay hands on confidential information about patients, using which they obtain medical care on behalf of the person/s whose records they steal or purchase expensive medicines. In many cases, a Medical Identity Theft is detected only after one gets a bill for a purchase or service that was never made. medicalIdentityTheft Medical Identity Theft is also committed to buy drugs and obtain fake bills that are then submitted to Medicare in the name of the original holder of the medical record. These acts can significantly dent a person's credit rating. More importantly, when wrong information or fictitious diagnosis is made into the medical record, it can lead to dangerous consequences. Ways of protection of medical data The Office of the Inspector General (OIG), which comes under Health and Human Services (HHS), realizing the gravity of the problem of Medical Identity Theft, has formulated the "3D" approach to protect medical data and prevent Medical Identity Theft. These are: Deter: One of the ways of protecting medical data is to prevent Medical Identity Theft. Users should be cautious about parting with information to anyone who claims, over phone, to have a new scheme whose enrolment requires the Social Security Number. Detect:Many fraudsters accost people at accessible public places to announce supposedly "new" medical schemes. Governm

In order to become a safe and effective medicine, a compound has to travel through a lengthy process of rigorous testing. Over the last few decades, the amount of time required to develop and test a novel drug has increased drastically. However, the introduction of social media and digital technology into drug development have the ability to significantly expedite this process. This webinar will explore the policies and principles of using social media through the evolution of developing a pharmaceutical drug from its initial stages to its introduction into the market. This includes analyzing the methods in which pharmaceutical companies utilize social media during the planning process, identifying the best candidate for the lead compound in a drug, conducting animal and human testing, recruiting candidates for clinical trials.

Overview: As the healthcare industry moves toward a value based reimbursement model rather than fee for service, it is crucial that the provider and ancillary staff understand how ineffective reporting can lead to dollars lost. We will review the 3 critical areas that require skilled management. Understand that patients are more educated about their healthcare and are increasingly responsible for more out of pocket costs. High dollar deductibles may result in self pay realities and bad debt increases. Learn areas that increase your chances for an audit. Are you ready for the challenge? Why should you Attend: Revenue is dependent upon proficiency in multiple areas. In today's environment, it is risky to maintain the status quo and increasingly important to obtain and maintain skilled business staff. The granularity of the ICD-10 code set requires understanding of the official coding conventions and guidelines, the ability to apply those guidelines, and the ability to recognize when reporting may lead to revenue delay, reduction or loss. Additionally, other factors affect your revenue stream. This includes patients with high deductible plans, collection of much more than a small co-pay, and staff understanding of regulations that govern telephone collection activity. Don't leave money on the table or invite an audit into your practice. Audits are often the result of weak billing and coding skills. This program will review several areas that will cost you money if poorly handled. Areas Covered in the Session: Required specificity in coding Documentation necessary for ICD-10 reporting Why coders must frequently query for clarification How ambiguous diagnosis reporting affects you r bottom line Internal collections versus outsourcing. What should you consider Staff effective in handling problem claims? Developing appeals? Who Will Benefit: Coders Billers Revenue cycle Physicians Mid-level providers Nurses Claims follow-up Managers Managers Speaker Profil

Overview: Final regulations for the new HIPAA Breach Notification Rule require much more than notifying individuals affected by a Breach of their Protected Health Information (PHI). Covered Entities and Business Associates first must follow and document a very specific process to determine if a Breach occurred. If no Breach occurred documentary proof must be kept for six years. If a Breach did occur timely notifications and other actions must be undertaken and documented. This webinar will explain: What Covered Entities and Business Associates must do to comply with the Breach Notification Rule What is and is not a Breach Three exceptions - when an acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is not a Breach How to perform a Breach Risk Assessment to determine if you can demonstrate a a low probability that the PHI was compromised Who must be notified in case of a Breach When notifications must be provided What information must be contained in each notification Other requirements in case of a Breach Investigate Mitigate harm to affected individuals Protect against further Breaches Document everything Planning and preparation for the worst - public relations and mitigation strategies to limit damage to the organization's reputation and financial well-being Why should you attend: Breaches and incidents that might be Breaches happen all the time! More than 173,000 separate breaches of Protected Health Information (PHI) affecting less than 500 individuals were reported to the U. S. Department of Health and Human Services (HHS) between September, 2009 and May 31, 2015 and in the same period HHS received approximately 1240 reports of PHI breaches that affected 500 or more individuals An acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is presumed to be a Breach unless it falls within an exception or the Covered Entity or Business Associate can demonstrate a low probability that the PHI was compromi

Overview: The webinar will concentrate on topics that HHS has announced will be the focus of the first round of "desk audits". They reflect significant areas of non-compliance revealed in the 2012 pilot audits and HHS HIPAA violation investigations concluded by Resolution Agreements and Corrective Action Plans. They include: HIPAA Risk Analysis Risk Management based on Risk Analysis Breach Notification Notice of Privacy Practices (for Covered Entities) Minimum Necessary Standard Access of Individuals to their PHI Authorizations Workforce Training This webinar is vital because, in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA Compliance documentation ready to submit on two weeks notice to HHS you are implementing an effective HIPAA Compliance program. In addition, every Covered Entity or Business Associate may face an HHS HIPAA Compliance investigation at any time due to a complaint or a Breach. If you are "audit ready" you will be ready for an investigation - and better able to avoid complaints and prevent breaches. Why should you attend: Every Covered Entity and Business Associate is liable - without prior notice - to be audited for HIPAA Compliance by HHS You will have only 2 weeks after receiving your HIPAA Compliance Audit notification and data request to upload all requested documents to an HHS HIPAA Compliance Audit Portal The HIPAA Compliance Audit data request you receive will specify content and file organization, file names and any other document submission requirements Auditors will not contact an audited entity for clarifications or ask for additional information - it is essential that submitted documents are current, accurately reflect the entity's HIPAA Compliance program and demonstrate HIPAA Compliance Only data submitted on time will be assessed Failure to respond on time may be referred to the HHS regional

Overview: Participants will understand the importance of responding to the OCR pre-audit requests and how to respond. Our discussion will cover how to prepare for an anticipated OCR HIPAA privacy audit, by discussing how to conduct an internal self-assessment of your privacy program. We will discuss how to conduct the self-assessment, whether it be the need for policies, procedures or obtaining all of your business associates information. Why should you Attend: If you have received a request from the OCR to provide the name of your entities privacy official and additional criteria, you are already aware that you are on the OCR's radar and may be the focus of an audit. If you haven't received a request yet, anticipate receiving one soon. In addition to ensuring that your HIPAA program is audit ready, you also need to ensure that you know all of your business associates and have their information readily available to provide to the OCR. Your entity needs to be ready now, as the OCR will either conduct focused desk audits, on-site audits or both in effort to review documentation of evidence of your compliance with the HIPAA regulation. Areas Covered in the Session: Office of Civil Rights "OCR" requests for privacy official and additional information and timeline for response Internal assessment criteria of privacy program in anticipation of an OCR audit Conducting the assessment using the template based upon HIPAA regulations Discuss methods to address any found deficiencies Workforce training Who Will Benefit: Healthcare providers Compliance and Internal Audit professionals or office staff responsible for ensuring patient privacy Healthcare Administrators Business Associates and all HIPAA Covered Entities Speaker Profile Gail Madison Brown is a registered nurse and an attorney with over 25 years of experience in health care. For the last 15 years she has focused on health care compliance and revenue cycle management operations. Gail's experience ranges

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice, business, or organization needs to understand how to put HIPAA compliance program in place or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: With an increase in HIPAA enforcement and Phase 2 audits underway, many organizations need to fully understand the requirements of a compliance program. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and what steps need to taken to mitigate risk. After completing this course, a Covered Entity or Business Associate will have a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements? What is a HIPAA data breach and what happens if it occurs? What are the penalties and fines for non-compliance and how to avoid them? Creating a Culture of Compliance Questions Who Will Benefit: Com

Overview: Drug and device research is confusing and difficult on its own but when you start combining drugs with devices the regulatory landscape changes as there are more nuances to deal with. Knowing how drug and device studies are each regulated is important in navigating the challenges posed by studies that wish to use both. It is also important to be aware of current guidance affecting the use of both drugs and devices in a study as well current guidance affecting the classification of devices. Why should you attend: Information on drugs and devices is plentiful. But, it can also be daunting .The webinar will give attendees a foundation and a starting point on which they can build. Learning objectives: Define drug research Define device research Explore the differences between the two Describe requirements when drugs and devices are combined in one study Areas Covered in the Session: Defining Drug Research FDA approved drugs Investigational drugs Compassionate use Defining Device Research FDA approved devices 510 K devices Humanitarian Device Exemptions Invitro Diagnostic Devices Investigational Devices Federal regulations governing drugs and devices Guidance governing drugs and devices Combining devices and drugs into one study What are the requirements? What are the regulations and guidance? How these studies are reviewed Who Will Benefit: Investigators Researchers Research Staff Study Coordinators Auditors Research Administrators Speaker Profile Sarah Fowler-Dixon is Education Specialist and instructor with Washington University School of Medicine. She has developed a comprehensive education program for human subject research which has served as a model for other institutions. She crafted budgets, policies, procedures, reporting, and training for the new program. She has initiated the planning, development, authorship and implementation of many human subjects research policies, practices, guidelines, submission and reviewer forms often working with st

Overview: The trial master file is a hard copy of all documentation relating to a clinical trial. It contains essential documents. When studies are conducted under ICH E6 Good Clinical Practices (GCP), this collection of documents must be present before, during and after the trial. These documents help provide quality assurance and help researchers evaluate their compliance with GCP, federal regulations and applicable laws. Why should you Attend: Anyone responsible for handling trial documentation or quality assurance activities. Areas Covered in the Session: Trial Master File (TMF): what is it? Essential documents required ICH guidelines and Good Clinical Practice (GCP) Food and Drug Administration (FDA) guidance and expectations Paper or electronic trial master files - what is allowable Links to useful resources Who Will Benefit: This webinar will provide valuable assistance to all personnel in: Human Subjects Research Healthcare interested in exploring the field of Clinical Research New Clinical Research Coordinator positions (1-2 years) New Principal Investigator positions Administration in charge of Clinical Research Regulatory Compliance Speaker Profile Sarah Fowler-Dixon is Education Specialist and instructor with Washington University School of Medicine. She has developed a comprehensive education program for human subject research which has served as a model for other institutions. She crafted budgets, policies, procedures, reporting, and training for the new program. She has initiated the planning, development, authorship and implementation of many human subjects research policies, practices, guidelines, submission and reviewer forms often working with state and federal authorities. She has provided consultation regarding ethical, federal, state, and institutional requirements for faculty and staff both in the design and execution of their projects and teaches research ethics and regulatory affairs and the fundamentals of research manageme

Overview: Participants will learn how to conduct an investigation of allegations of patient privacy violations using a privacy "risk analysis" tool and steps that should be taken when a breach has been determined. Why should you Attend: You must conduct a prompt and thorough investigation of all allegations of privacy violations. A violation of a patient's privacy may result in monetary penalties, harm to your reputation and especially harm to a patient. You need to make certain your organization has the expertise to conduct a thorough privacy investigation, analyze the results and take all necessary action to mitigate and report violations when required. Areas Covered in the Session: Best practices for conducting a privacy investigation Use of the risk analysis tool Interpretation of your results Reporting requirements if necessary Recommendations of continued privacy monitoring Workforce training Who Will Benefit: Healthcare providers Compliance and Internal Audit professionals or office staff responsible for ensuring patient privacy Healthcare Administrators Business Associates and all HIPAA Covered Entities Speaker Profile : Gail Madison Brown is a registered nurse and an attorney with over 25 years of experience in health care. For the last 15 years she has focused on health care compliance and revenue cycle management operations. Gail's experience ranges from starting new compliance programs and making improvements to existing programs for physician practices to large health care organizations. Gail also has provided numerous lectures to healthcare providers, executives and professional colleagues. Gail Madison Brown will develop, implement, and oversee processes, systems, educational programs, and other activities necessary to support and grow clinical trials activities at the UT Health Science Center. The Chief Clinical Trails Officer (CCTO) provides overall strategic leadership in this area including planning, goal setting, and monitoring organ

Seminar on Analytical Instrument Qualification and Validation: Understanding to Prepare for FDA Audits to become Part 11 Compliant at Boston, MA Course "Analytical Instrument Qualification and Validation: Understanding to Prepare for FDA Audits to become Part 11 Compliant" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: In this two day workshop conference you will learn the different global agencies expectations of analytical equipment qualification along with the development of a sound process validation program in order to develop and implement bulletproof solutions that are accepted, effective, and efficient. Through case study analysis we will examine best practices to provide thoughts and ideas to develop or improve the performance of your current system. Additionally, case studies will explore how your management practices of your analytical equipment qualification/ validation and process validation programs can help or hurt your legal liability and the legal issues that arise from nonconformance with regulators and Auditors. This seminar will help attendees understand the instrument qualification and system validation processes and will provide instruction on how to prepare for FDA audits and how to become part 11 compliant. Why should you attend? The cost of non-compliance is therefore more than that of compliance. Are you in compliance with the FDA regulations for analytical equipment qualification and validation in your facility? Areas Covered in the Session: * Learn about the regulatory background and requirements for laboratory instrument qualification and system validation * Understand the logic and principles of instrument qualification and system validation from validation planning reporting * Understand and be able to explain your company's qualification and validation strategies * Be able to independently prepare execute test protocols, this includes s

Course "The A to Z's of HIPAA Privacy, Security, and Breach Notification Rules" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: This session is designed to provide intensive, two-day training in HIPAA compliance, including what's new in the regulations, what's changed recently, and what needs to be addressed for compliance by covered entities and business associates. The session provides the background and details for any manager of healthcare information privacy and security to know what are the most important privacy and security issues, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. Who Will Benefit: * Information Security Officers * Risk Managers * Compliance Officers * Privacy Officers * Health Information Managers * Information Technology Managers * Medical Office Managers * Chief Financial Officers * Systems Managers * Legal Counsel * Operations Directors Agenda: Day One Day one sets the stage with an overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule, recent changes to the rules, and the basics of the Security Rule Lecture 1: Overview of HIPAA Regulations * The Origins and Purposes of HIPAA * Privacy Rule History and Objectives * Security Rule History and Objectives * Breach Notification Requirements, Benefits, and Results Lecture 2: HIPAA Privacy Rule Principles, Policies and Procedures * Patient Rights under HIPAA * Limitations on Uses and Disclosures * Required Policies and Procedures * Training and Documentation Requirements Lecture 3: Recent and Proposed Changes to the HIPAA Rules * New Penalty Structure * New HIPAA Audit Program * New Patient Rights

Course "Texting and E-mail with Patients: Patient Requests and Complying with HIPAA " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent u

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the understanding the fundamentals of a HIPAA and how you will be required to demonstrate your organization's compliance program. If your healthcare practice, business, or organization needs to understand how to be prepared for an increase in HIPAA enforcement and make sure your current safeguards are adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: BAll most 120,000,000 individuals were affected by HIPAA data breaches in 2015. This is a significant reason why Congress has inquired about the recent and very sizeable increases in cyber-attacks that inflect the risk of medical identity theft. The HHS Office for Civil Rights not only are conducting audits but is looking to increase HIPAA enforcement. Attendees will leave the course clearly understanding of all the requirements that must be in place for HIPAA and how to demonstrate compliance if audited. After completing this course, a Covered Entity or Business Associate will be able to know what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? What are the HIPAA Security and Privacy Rules? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirement

Overview: This webinar provides an overview of the MACRA legislation and developing regulations and guidelines. We'll help you understand how medical practices will be paid in the future for services to Medicare patients. You'll be asked to choose between two paths. If you choose to participate with other providers in an Advanced Payment Model, the larger organization will be paid for services provided and determine how to share those payments as well as any cost savings among the participants. If you choose the Merit-Based Incentive Payment System (MIPS), your payment rate will vary based on how you perform on a variety of Medicare Quality Programs - PQRS, VBM, Meaningful Use and a 4th new component focused on Quality Improvement. You'll want to know as much as possible about the pros and cons of each option and how to make the right choice for your practice. Why should you Attend: Under the MACRA legislation, your providers will need to choose between participating in an Advanced Payment Model (APM) or participating in the new Merit-Based Incentive Payment System. Making the wrong choice can result in significant reductions in your future Medicare payments. You'll want to understand the options and have a plan in place by January 1, 2017 - that's only 6 months away. Areas Covered in the Session: Learn the requirements of the new MACRA legislation and how it will impact your Medicare payments in 2019 and beyond Find out what you need to be doing now to ensure you don't lose Medicare revenue in future years Understand the options - APM vs MIPS - and how your Medicare payments can increase or decrease under each model Identify what aspects of the new payment methodology are written into the legislation, what has been released through proposed regulations and when final rules are expected. Who Will Benefit: Practice Administrators, CEOs, COOs Physicians and all providers who bill to Medicare Quality Officers Nurse leaders Finance Directors Speaker Pro

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your organization needs to understand the role of the HIPAA Security Official, the requirements, and make sure the current compliance program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: The role of the HIPAA Security Official is critically important in complying with the HIPAA Security Rule. Besides being responsible for many of the daily operations within an organization, the Security Official is tasked with managing the HIPAA compliance program. Knowing what is required is part of the Security Official's duties. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure on organization has the proper policies and procedures in place. After completing this course, a HIPAA Security Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Asses

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the understanding the fundamentals of a HIPAA compliance. If your healthcare practice, business, or organization needs to understand what is required to protect health records or make sure your current safeguards are adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: With a substantial increase HIPAA data breaches, organizations must understand the requirements to safeguard protected health information. Attendees will leave the course clearly understanding of all the requirements that must be in place for protecting the health records their organizations maintain, create, transmit, or store. After completing this course, a Covered Entity or Business Associate will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements? What is a HIPAA data breach and what happens if it occurs? What are the penalties and fines for non-compliance and how to avoid them? Creating a Culture of Compliance Questions Who Will Benefit: Compliance Of

Course "Key Factors to Write an Effective Standard Operating Procedure (SOP) and Work Instructions (WIs)" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Writing SOPs or procedural documents can be challenging at times. However, writing SOPs is overall a straightforward process. However, enforcing what you already created and implemented in the pipeline is another story. The term SOP is very obvious. We have seen "clearly written description of how specific tasks are to be done." Another satisfactory definition would be "detailed written instructions that achieve the uniformity of the performance of a specific function." Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? If you are medical device or a pharmaceutical manufacturer, these definitions come as no surprise because when it comes to FDA regulations and guidance documents "establish" means to define, to document (in writing or electronically) and to implement. The goal and emphasis with FDA is simple. Proof of "Establish" is the foundation. Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? Are the procedures being followed and enforced by company personnel? SOPs are needed in regulated industries to give step-by-step instructions for performing a particular job or task. This session will provide a step-by-step overview and a snapshot of the procedure description, the process and format. The subject matter of a SOP may range from how to operate a piece of machinery to how to log into a particular software program. SOPs ensure consistency and reliability because they require training of all affected parties. This session will address recent enforcement actions for SOP related violations but no surprise. Most of our enforcement actions are documentation related, i.e., SOP or other procedural documents. We will review examples from

Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent understanding of not only the rules, but also how to think about compliance and make sound compliance decisions on a day-to-day basis in the context of mobile devices. Agenda Day One Day one sets the stage with an ov

Overview: FDA 7348.811 section 1 states, "Regardless of the type of system used by the clinical site, the regulatory requirements for clinical data do not change whether clinical data are captured on paper, electronically, or using a hybrid system." What type of system is best for your program and investigator capabilities? The wrong choice yields inspectional non compliance. The right choice of electronic data capture, direct data entry, and data management depends on a sponsor assessment of the systems and procedures at the investigator site as compliant with FDA inspectional requirements. Additional source documentation procedures (origination, authorization, and signature) are required at the investigator site to address the electronic data capture process. It is these three FDA mandated inspectional criteria, applicable to every electronic data element, that generate most of the significant inspectional noncompliant findings. Some data elements are more likely to be associated with the findings of noncompliance than others. It is in fact difficult to determine which data requires or does not require original source documentation and what defines "original source documentation". Why should you attend: Investigators commonly assume that the new guidance and regulations reduce the need for source documentation in clinical trials. In fact, there are new procedural documents relevant to the electronic source documents and direct data entry that are required to comply with the current inspectional standards and the final guidance. Sponsor due diligence in choosing, training, and monitoring investigator sites to enable the use of compliant electronic data capture is required. Basic knowledge of part 11 and GCP requirements will be helpful in attending this advanced webinar. The focus will be on the additional FDA inspectional requirements for electronic data capture, and the impact of using electronic data capture on the seven FDA inspectional priority objectives