Loading Purplepass...
Seminar on HIPAA Privacy Rule Compliance - Healthcare Compliance
Presented By Complianzworld
Thursday, December 11th at 9:00am CST - Friday, December 12th, 2014
Online sale ends: 12/10/14 at 6:00pm CST
Chicago, IL 60606
-= series =-
Buy Tickets
Buy Tickets

Speaker: Jim Sheldon-Dean

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C. Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, bestselling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Course Description:

With the recent implementation of new HIPAA regulations in the HIPAA Omnibus Update, healthcare organizations are reviewing their compliance and making sure they have the proper policies, procedures, and forms in place. HIPAA Privacy Officers have been renewing their compliance activities and reviewing their documentation to make sure they can meet the challenges of the new rules and avoid breaches and penalties for compliance violations.

This 2 day session is designed to provide intensive, one and a half-day training in HIPAA Privacy Rule compliance, including what’s new in the regulations, what needs to change in your organization, and what needs to be addressed for compliance by covered entities and business associates. The session provides the background and details for any healthcare information privacy officer to know what the most important privacy issues are, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement, and how Privacy regulations relate to Security and Breach regulations will be explained, as well as responding to privacy and security breaches and ways to prevent them. Numerous references and sample documents will be provided.

Reasons to attend:

Almost any healthcare-related business needs to be in compliance with the HIPAA rules, and not just providers and health plans anymore. Now the rules apply to all kinds of businesses that may create, receive, maintain, or transmit Protected Health Information. And the recent HIPAA Omnibus Update has focused new attention on the policies and procedures already in place at providers and insurers, such that the person responsible for HIPAA compliance is expected to know the rules, what's changing, and how their policies and forms need to change.

Being the HIPAA Privacy Officer is a job with a lot of responsibility, especially with the new increased penalties for violations and enhanced enforcement and audit programs. There are new patient rights and new limits on covered entities that change how you handle certain disclosures. Now more than ever, making mistakes in HIPAA compliance can lead to significant enforcement actions and fines in millions of dollars.

If you are the HIPAA Privacy Officer in your organization, you need to know what policies and procedures, and documentation, you need to have in place so you can answer questions from staff and individuals, make sure your office is using the right forms and notices, and respond to any incidents or compliance investigations. You will be the one that patients complain to if they don’t like the way you handle their data. You will be the one to reply if the US Department of Health and Human Services decides to ask you some questions about an incident, or if you get selected for a random audit.

This session will explain what HIPAA is, what the rules are and how they work. We will show what kind of documentation you need to have and how you can maintain it, as well as how compliance is audited and enforced. We will help you know what to expect from your patients and how staff may react to new policies and procedures, so you can be prepared for each day’s new HIPAA experiences.

Target Audience:

Compliance Director, CEO, CFO, Privacy Officer, Security Officer, Information Systems Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Healthcare Counsel/lawyer, Office Manager, Contracts Manager – at – Medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc.)

[Click Hear for Agenda]


Day 1
Day one sets the stage with an overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule and recent changes to the rules, including the impacts of required changes in your practices to meet the new rules.

8:00 – 8:30 AM: Registration

8:30 – 10:00 AM:Overview of HIPAA Regulations

  • The Origins and Purposes of HIPAA
  • Privacy Rule History and Objectives
  • Security Rule History and Objectives
  • Breach Notification Requirements, Benefits, and Results

10:00 – 10:30 AM: Break

10:30 – 12:00 noon: HIPAA Privacy Rule Principles, Policies and Procedures

  • •Patient Rights under HIPAA
  • •Limitations on Uses and Disclosures
  • •Required Policies and Procedures
  • •Training and Documentation Requirements

12:00 – 1:00PM: Lunch

1:00 – 2:30 PM: Recent Changes to the HIPAA Rules

  • New Penalty Structure
  • New HIPAA Audit Program
  • New Patient Rights
  • New Obligations for Business Associates

2:30 – 3:00 PM: Break

3:00 – 4:30PM: Implementing the New HIPAA Omnibus Rules

  • Policies and Procedures for New Patient Rights
  • Impact on Electronic Health Records
  • Modifications to the Notice of Privacy Practices
  • Business Associate Issues 

Day 2
Day two begins with a detailed examination of HIPAA Security Rule and Breach Notification requirements and how they relate to the Privacy Rule, including what you need to do to protect information and what you have to do if you don’t.  The day concludes with a session on the essential activities of documenting policies, procedures, and activities, training staff and managers in the issues and policies they need to know about, and examining compliance readiness through drills and self-audits.

8:30 – 10:00AM: HIPAA Security and Breach Notification Rule Principles

  • How the Privacy, Security, and Breach Rules Work Together
  • Security Safeguards and The Role of Risk Analysis
  • Determining What Is a Breach and What Must Be Reported
  • Incident Management and Breach Reporting

10:00 – 10:30 AM: Break

10:30 – 12:00 noon: Documentation, Training, Drills and Self-Audits

  • How to Organize and Use Documentation to Your Advantage
  • Training Methods and Compliance Improvement
  • Conducting Drills in Incident Response
  • Using the HIPAA Audit Protocol for Documentation and Self-Auditing

12:00 noon: Class Dismissed; Instructor available for questions and consultation until 1:30 PM.


Presented By

9:00am to 6:00pm
Doors open at 9:00am

General Admission: $1,399.00


complianzworld<br> Chicago, 60606


Wednesday, March 25th

Past Event
Thursday, March 5th

Past Event