The HIPAA Omnibus Update rules contain numerous changes to HIPAA Privacy, Security, and Breach Notification rules that will need to be reflected in every health care-related organization’s policies and procedures. Several policies and procedures will need to be reviewed and updated to meet the new requirements. Some of the most significant changes have been made to individual rights under HIPAA that must be reflected in an entity’s HIPAA policies and Notice of Privacy Practices (NPPs). All HIPAA Covered Entities should also have updated their policies, procedures, and Notices of Privacy Practices to reflect the changes by September 23, 2013. Violations are also subjected to the enforcement that can include fines up to $50,000 per day.
Included are new requirements having to do with various fundraising activities and a perfect opportunity to opt out, along with the new requirements for individuals to provide an appropriate authorization for the sale of PHI, the new rights of access to electronic records, with the new rights to restrict certain disclosures, and also the rights of notice in the event of a breach. Health Plans have also undergone changes related to the Genetic Information Nondiscrimination Act (GINA) that must be reflected in their policies and notices.
Reimbursed marketing activity that may have been permissible without authorization from the individual under the old rules now requires authorization. Policies on Breach Notification and incident handling need to reflect the new way of determining whether or not a breach is reportable. And HIPAA Business Associates are now covered under the regulations, requiring them to have a full set of HIPAA policies in place, and covered entities’ policies should reflect the change.
Covered entities that use electronic health records (EHRs) will have to meet new access and disclosure rules now. New regulations around the anticipated release of electronic records have created new burdens that your EHR and your medical records department should deal with. Also, in case, you are required to have a HIPAA Notice of Privacy Practices, you will need to update that to show all the latest rights that patients will now have, such as the existence of electronic copies, new rights to restrict disclosures, and much more.
This webinar by our expert speaker Jim Sheldon-Dean will help health information professionals understand what they have to do, and when, and what to keep in mind as they move forward, in order to be in compliance with the new regulations. It will provide a comprehensive look at the changes in the rules and prepare attendees for the process of incorporating the changes into how they do business in their facilities. The changes to be described in the session are numerous and many are subtle and require an in-depth examination of your policies and Notice of Privacy Practices.
Highlights of the session are:
Get answer to your questions in Q&A segment by the speaker itself after the session.
Who should attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer.
- Jim Sheldon-Dean
Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis. He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...
More Events By The Speaker