ComplianceOnline

Register

Toll Free: +1-888-717-2436


customer care
Fax: +1-650-963-2556
Email: editor@complianceonline.com
Read Frequently Asked Questions

HIPAA and Business Associates - New Responsibilities and Obligations

Buy Now Section

This webinar will discuss the significant changes to the HIPAA rules for business associates, the new challenges for HIPAA covered entities and business associates, and new risks for non-compliance and penalties.

Speaker
Instructor: Jim Sheldon-Dean
Product ID: 702610

Why Should You Attend:

Since the new regulations have expanded the obligations of HIPAA business associates, it is now more important than ever to carefully consider whether a BA designation is appropriate or not – business associate agreements are not to be entered into lightly. The new requirements have a direct impact on what needs to be put into the business associate agreements you establish.

In addition, other changes put into effect new rights of individuals to receive electronic copies of information held electronically, ask for certain restrictions on disclosures, and other capabilities that business associates may need to provide for their covered entity clients. All covered entities, and now, business associates of covered entities as well, need to review their HIPAA compliance, policies, and procedures to see if they are prepared to meet the changes in the rules.

In addition, business associates have emerged as a leading source of health information breaches, and this course will discuss what covered entities should do to ensure good practices by their business associates in order to avoid the considerable expense of breaches.

Areas Covered in the Webinar:

Who Will Benefit:

This webinar will provide valuable assistance to all personnel in medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc.). The titles are:

Instructor Profile:

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a variety of health care providers, businesses, universities, small and large hospitals, urban and rural mental health and social service agencies, health insurance plans, and health care business associates. He serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Electronic Data Interchange Privacy and Security Workgroup, currently serves on the WEDI Breach Notification sub-workgroup, and is a recipient of the 2011 WEDI Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at AHIMA national and regional conventions and WEDI national conferences, and before regional HFMA chapter meetings and state hospital associations.

Mr. Sheldon-Dean has nearly 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related websites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Mr. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master's degree from the Massachusetts Institute of Technology.

Topic Background:

New updates to the HIPAA regulations now being enforced contain numerous changes based, for the most part, on the HITECH Act passed in 2009. Some of the most significant changes have to do with how business associates of HIPAA covered entities are treated under the regulations. HIPAA business associates are now covered directly under the Privacy Rule’s use and disclosure limitations, the Security Rule’s safeguard provisions, and the Breach Notification Rule’s notification requirements, and will be responsible for their own compliance with the regulations, and may be held directly liable for any violations of the regulations.

The latest regulations also change such things as who is a business associate: the definition now casts a much wider net of healthcare business activities, including any business that creates, receives, maintains, or transmits any protected health information on behalf of a HIPAA covered entity or business associate, and even sub-contractors of business associates are also treated as business associates, greatly expanding the pool of entities under regulation to some that may not even be aware they have become HIPAA business associates.

Business associates have new requirements to comply with HIPAA privacy protections and security safeguards, and are subject to enforcement and penalties directly by HHS. Health information exchanges, regional health information exchanges, and e-prescribing gateways are now considered to be business associates, and sub-contractors of business associates are also considered to be business associates under the new rules.

Business associate agreements are now more important than ever, because breaches by business associates are becoming more common and carry tremendous expenses for the affected covered entities. New audit and penalty requirements increase the need to make sure covered entities and business associates are in compliance before HHS OCR knocks on the door. The new penalty structure and the new audit program mean that you are more likely to be audited for HIPAA compliance, and you may be facing significantly higher penalties for non-compliance than ever before. HHS is not the only enforcer of the new rules, state attorneys general can also initiate HIPAA enforcement actions against covered entities and business associates under the law, regardless of the regulations.

Follow us :
Bookmark and Share
Refund Policy
"Registrants may cancel up to two working days prior to the course start date and will receive a letter of credit to be used towards a future course up to one year from date of issuance.
ComplianceOnline would process/provide refund only if the Live Webinar has been cancelled. The attendee could choose between the recorded version of the webinar or refund for any cancelled webinar. Refunds will not be given to participants who do not show up for the webinar. On-Demand Recordings can be requested in exchange. Webinar may be cancelled due to lack of enrolment or unavoidable factors. Registrants will be notified 24hours in advance if a cancellation occurs."
For substitution, please email editor@complianceonline.com or call +1-650-620-3937.

Detecting and Preventing Internal and External Fraud - 80096SEM
ComplianceOnline Medical Device Summit - 2015-80231SEM

This training hasn't been reviewed yet.

Review this training

Training Options Training Duration = 90 Min
$229.00 Access Recorded Version Only
One Person - Unlimited viewing for 6 Months
(For multiple licenses contact Customer Care)
Recorded Link and Ref. material will be available in My CO Section
$349.00 Get Training CD Only
One CD is for usage in one location only.
(For multiple locations contact Customer Care)
CD and Ref. material will be shipped within 15 business days