Why Should You Attend:
This session focuses on the issues of managing health information when it may be that of students and may involve substance use disorder treatment information. HIPAA and FERPA allow a number of disclosures without consent that SAMHSA prohibits without consent. First we will explain how HIPAA relates to information management and release and explain the processes required for various releases of information under the HIPAA and FERPA rules, including release according to individual access requests, and under consents and HIPAA authorizations.
While FERPA overrides HIPAA, both HIPAA and FERPA take a back seat to the rules under 42 CFR Part 2. When substance use disorder treatment information is involved, first you need to understand how to identify it. We will discuss how to make it distinguishable from “regular” health information, so that the appropriate extra protections can be provided. You may be able to use functions in your EHR to flag the information, or you may create a manual process for tracking the information, if it is rarely handled in your organization. And the substance abuse treatment information you collect may or may not be under SAMHSA depending on whether or not you have a department or even a response team that specializes in SAMHSA-related situations. You need to understand your status under the rules before you release information inappropriately. We will discuss what qualifies treatment that falls under SAMHSA.
If your organization provides services that create information that is under the SAMHSA regulations, you will need to establish the consent and release of information processes that are required to be followed for information releases under 42 CFR Part 2. This involves getting the proper consents upon establishment of the relationship, as well as managing consents for releases that may be necessary after the initial establishment of the relationship. The session will include an explanation of the consent and release requirements that must be followed.
When you release information under HIPAA, there are no special notices required to be placed on the records. But when you release information under SAMHSA, each document must have a notice that explains that re-disclosure is not permitted without a new consent. Complicating matters are updated rules going into effect that will allow a consent that permits a re-release to a defined team of providers caring for the individual, but then require meticulous documentation of to whom the information has been released under such a consent. The session will go over the rules on consents and re-release of information.
Areas Covered in the Webinar:
Who Will Benefit:
This webinar will provide valuable assistance to all personnel in:
Medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc). The titles are
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more than 19 years of experience specializing in HIPAA compliance, more than 37 years of experience in policy analysis and implementation, business process analysis, information systems and software development, and eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.
Student health information may be subject to a number of laws and regulations, such as HIPAA, FERPA, various State laws, and the rules for handling Substance Use Disorder information under 42 CFR Part 2. Compliance requires knowing which rules apply in which circumstances, and what each of the rules call for.
For much of healthcare, HIPAA sets the standards for how to manage uses and disclosures of patient information, known as Protected Health Information (PHI). But when it comes to information about students, even health information is controlled under the FERPA rules. For information related to the treatment of substance use disorders, regulations of the Substance Abuse and Mental Health Services Administration (SAMHSA) under 42 CFR Part 2 prevail. These rules apply to information collected under SAMHSA, which may be difficult to separate from "regular" PHI in your records, and there are special rules for disclosure and re-disclosure of substance abuse treatment information. Student health information may be subject to some or all of these rules, so it is essential to know where each rule applies and which rules supersede each other.
A number of factors must be considered when managing the privacy and security of student information. School records are rather decisively controlled by the FERPA regulations, but those regulations don't always apply, and when they don't, HIPAA steps in with the necessary privacy and security controls. While many of the concepts in the rules are similar, there are extensive detail differences.
Today we are in the midst of an epidemic of substance abuse, and particularly opioid abuse, and more and more providers are involved in providing treatment to students with substance abuse issues. When substance abuse is involved, the rules of SAMHSA under 42 CFR Part 2 come into play and override both HIPAA and 42 CFR Part 2. But who is covered under the rules, what’s involved in meeting them, and how do they interact with HIPAA? HIPAA allows a number of disclosures, for treatment, payment, and healthcare operations purposes, without consent from the individual being treated. SAMHSA rules, on the other hand, require consent for every disclosure or re-disclosure, and if the proper consents aren’t obtained, the provider can be in violation of the rules and subject to penalties.
Registrants may cancel up to two working days prior to the course start date and will receive a letter of credit to be used towards a future course up to one year from date of issuance. ComplianceOnline would process/provide refund if the Live Webinar has been cancelled. The attendee could choose between the recorded version of the webinar or refund for any cancelled webinar. Refunds will not be given to participants who do not show up for the webinar. On-Demand Recordings can be requested in exchange. Webinar may be cancelled due to lack of enrolment or unavoidable factors. Registrants will be notified 24hours in advance if a cancellation occurs. Substitutions can happen any time.If you have any concern about the content of the webinar and not satisfied please contact us at below email or by call mentioning your feedback for resolution of the matter. We respect feedback/opinions of our customers which enables us to improve our products and services. To contact us please email [email protected] call +1-888-717-2436 (Toll Free).
PAYMENT METHOD: 100% Secure Transaction