HIPAA Omnibus Rule Compliance- Understanding Roles and Responsibilities of Privacy and Security Officers
Jim Sheldon-Dean, Principal and Director of Compliance Services, Lewis Creek Systems, LLC
Coming soon.. Please contact customer care for new schedule
With the recent implementation of new HIPAA regulations in the HIPAA Omnibus Update of 2013, healthcare organizations are reviewing their compliance and making sure they have the proper policies, procedures, and forms in place. HIPAA Privacy and Security Officers have been renewing their compliance activities and reviewing their documentation to make sure they can meet the challenges of the new rules and avoid breaches and penalties for compliance violations.
This session is designed to provide intensive, one and a half-day training in HIPAA Privacy and Security Rule compliance, including
- What’s new in the regulations
- What’s changed recently
- What needs to be addressed for compliance by covered entities and business associates
- What are the most important privacy and security compliance issues
- What needs to be done for HIPAA compliance
- What can happen when compliance is not adequate
This seminar will explain new individual rights and new responsibilities for covered entities and business associates. It will also explain audits and enforcement, HIPAA Security safeguards as well as security breaches and ways to prevent them. Numerous references and sample documents will be provided.
- Understand the structure of the HIPAA regulations and how they work together
- Learn what has changed in the rules based on the HIPAA Omnibus Update Rule
- Find out what are the responsibilities of the HIPAA Privacy and Security Officer
- Discover what has to be modified to meet the new rules and how to interpret them
- Understand what are the rights individuals have about their health information
- Know what are the limitations on uses and disclosures by a healthcare entity
- Learn the updated rules on using health information for marketing and fundraising
- Find out how the rules impact the use of electronic health records
- Know how to use risk analysis to make compliance decisions about safeguards
- Understand what makes a good information security policy
- Know how to respond to breaches and violations of Privacy and Security rules
- Learn how to deal with the modern portable technologies and communication methods
- Understand how to use policies, documentation, training, and drills to prepare for audits and incidents, and achieve good compliance
Who Will Benefit:
This seminar will provide valuable assistance to all personnel in Medical offices, practice groups, hospitals, pharmacies, academic medical centers, medical devices, insurers, healthcare business associates (shredding, data storage, systems vendors, billing services, lawyers, etc.). The following personnel will find this session valuable:
- Compliance Director
- Privacy Officer
- Security Officer
- Information Systems Manager
- HIPAA Officer
- Chief Information Officer
- Health Information Manager
- Healthcare Counsel/Lawyer
- Office Manager
- Contracts Manager
|Day One (8:30 AM – 4:30 PM)
||Day Two (8:30 AM – 12:30 PM)
Registration Process: 8:30 AM – 9:00 AM
Session Start Time: 9:00 AM
Day one sets the stage with an overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule, recent changes to the rules, and the basics of the Security Rule.
- Overview of HIPAA Regulations
- The Origins and Purposes of HIPAA
- Privacy Rule History and Objectives
- Security Rule History and Objectives
- Breach Notification Requirements, Benefits, and Results
- HIPAA Privacy Rule Principles, Policies and Procedures
- Patient Rights under HIPAA
- Limitations on Uses and Disclosures
- Required Policies and Procedures
- Training and Documentation Requirements
- Recent and Proposed Changes to the HIPAA Rules
- New Penalty Structure
- New HIPAA Audit Program
- New Patient Rights
- New Obligations for Business Associates
- HIPAA Security Rule Principles
- General Rules and Flexibility Provisions
- The Role of Risk Analysis
- Security Safeguards
- Training and Documentation
Day two begins with a discussion of typical security issues and means for avoiding breaches and meeting compliance requirements when it comes to modern technologies, such as texting, e-mail, and social media. Finally, the day concludes with a session on the essential activities of documenting policies, procedures, and activities, training staff and managers in the issues and policies they need to know about, and examining compliance readiness through drills and self-audits.
- Risk Mitigation, Breach Prevention, and Compliance Remediation
- Typical Security Risks and Preventing Breaches
- Social Media, Texting, e-mail, and Privacy
- Dealing with Portable Devices and Remote Access
- Compliance Planning
- Documentation, Training, Drills and Self-Audits
- How to Organize and Use Documentation to Your Advantage
- Training Methods and Compliance Improvement
- Conducting Drills in Incident and Breach Response
- Using the HIPAA Audit Protocol for Documentation and Self-Auditing
Meet Your Instructor
Principal and Director of Compliance Services, Lewis Creek Systems, LLC
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.
Mr. Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.
He has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. He received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.
Register by P.O. / Check
Yes, I want to attend "HIPAA Omnibus Rule Compliance- Understanding Roles and Responsibilities of Privacy and Security Officers".
Click here to download P.O. form
If you are paying by check:
Checks should be payable to MetricStream Inc. (our parent company) and mailed to:
2479 East Bayshore Road
Palo Alto, CA 94303
Send your team for maximum benefit.
Get your team up to speed!
Significant tuition discounts are available for teams of two or more from the same company. You must register at the same time and provide a single payment to take advantage of the discount.
||Get 10% off
|3 to 6 Attendees
||Get 20% off
|7 to 10 Attendees
||Get 25% off
||Get 30% off
Call toll free on +1-888-717-2436 if you have any queries.
Register by Wire Transfer
If you wish to pay by wire transfer, please call us toll free on +1-888-717-2436
Terms & Conditions to register for the Seminar/Conference/Event
Your Registration for the seminar is subject to following terms and conditions. If you need any clarification before registering for this seminar please call us @ +1-888-717-2436 or email us @ firstname.lastname@example.org
Payment is required before 2 days of the date of the conference. We accept American Express, Visa and MasterCard. Make checks payable to MetricStream Inc. ( our parent company)
Cancellations and Substitutions:
Written cancellations through fax or email (from the person who has registered for this conference) received at least 10 calendar days prior to the start date of the event will receive a refund — less a $200 administration fee. No cancellations will be accepted — nor refunds issued — within 10 calendar days from the start date of the event.
On request by email or fax (before the seminar) a credit for the amount paid minus administration fees ($200) will be transferred to any future ComplianceOnline event and a credit note will be issued.
Substitutions may be made at any time. No-shows will be charged the full amount.
We discourage onsite registrations, however if you wish to register onsite payment to happen through credit card immediately or check to be submitted onsite. Conference material will be given on the spot if it is available after distributing to other attendees. In case it is not available we will send the material after the conference is over.
In the event ComplianceOnline cancels the seminar, ComplianceOnline is not responsible for any airfare, hotel, other costs or losses incurred by registrants. Some topics and speakers may be subject to change without notice.
Attendance confirmation and Documents to carry to the seminar venue:
After we receive the payment from the registered attendee an electronic event pass will be sent to the email address associated with the registrant before 5 working days from the seminar date. Please bring the pass to the venue of the event.
Conference photograph / video:
By registering and attending ComplianceOnline conference you agree to have your photographs or videos taken at the conference venue and you do not have any objections to use these photos and videos by ComplianceOnline for marketing, archiving or any other conference related activities. You agree to release ComplianceOnline for any kind of claims arising out of copyright or privacy violations.
If you wish to partner with us for this event
contact us: email@example.com
call us: +1-888-717-2436.
Media Partner Benefits
- Logo and company data on the event website.
- Logo on the conference material distributed during the conference.
- Media Partner’s brochure distributed along with conference material.
- Logo on all the mailings before and after the event.
- 10% discount to media partner's subscribers.
Media Partner to do
- Banner (min 728x90 or 468x60) on the Media Partner website.
- Insertion of the event in the event calendar, both printed and/or online.
- Announcement article of the conference on the Magazine and/or Website.
- Dedicated email blast to all subscribers of Media Partner.
- Article on the Magazine and/or Website after the conference.
If you wish to sponsor this event
contact Cruise Webster: firstname.lastname@example.org
call us: (207) 576-4173
Boston Public Garden
This Frederick Law Olmsted-designed park, famous for its Swan Boats, has over 600 varieties of trees and an ever-changing array of flowers. It is America's first public garden.
Boston Public Library
The Boston Public Library was the first large municipally-funded public library in America. It has a central location right in the heart of Copley Square, facing the Trinity Church, easily accessible by taking the Green Line to Copley station (or also near to Orange Line Back Bay stop).
Fenway Park is the oldest Major League baseball park in the United States. Its small, intimate atmosphere really allows you to feel like you are "in the game." The park is situated right in downtown Boston - so it is very accessible if you are visiting the area.
Museum of Fine Arts
Boston's oldest, largest and best-known art institution, the MFA houses one of the world's most comprehensive art collections and is renowned for its Impressionist paintings, Asian and Egyptian collections and early American art.
Museum of Science
The Boston Museum of Science is a long-standing tradition for families in Boston, but that doesn't mean adults won't enjoy themselves too! Their exhibits range from dinosaurs to space travel to wildlife to physics to human biology to an in-depth look at Boston's "Big Dig" project.
This Italian neighborhood, Boston's oldest, is known for its wonderful restaurants and historic sights.
Old North Church
The signal from the steeple of Boston's oldest church triggered the War for Independence that led to the birth of America. On that fateful night in 1775, the two lanterns in the steeple told Paul Revere that the British were approaching by boat, not on foot.