HIPAA for Health Centers
As covered entities, health centers must comply with the same HIPAA Rules that apply to other health care providers including large hospitals and hospital systems; however, health centers often have limited time, personnel and resources to commit to HIPAA compliance. Recent HIPAA settlements demonstrate that the Office for Civil Rights (OCR) expects all covered entities (including health centers) to comply with the HIPAA Rules regardless of their size, location or mission. Non-compliance can result in civil monetary penalties and corrective action plans that last at least two years and include substantial oversight by OCR.
This workshop series introduces the key compliance requirements for health centers under the HIPAA Privacy, Security and Breach Notification Rules – from the Privacy Rule requirements for providing patients with access to their protected health information (PHI), to the Security Rule requirements for conducting security risk analyses and limiting access to electronic PHI to the Breach Notification Rule requirements to investigate and report breaches. Presenters will include the details of recent HIPAA enforcement actions and settlements, updates on changes to the HIPAA Rules (including the HIPAA Privacy Rule to Support Reproductive Health Care Privacy), and lots of client stories and time for your questions. Join us for one workshop or all three!
Workshop 1: HIPAA Privacy for Health Centers
Tuesday, October 29, 2024
12:00 p.m. - 4:00 p.m. ET
Workshop 2: HIPAA Security for Health Centers
Wednesday, October 30, 2024
12:00 p.m. - 4:00 p.m. ET
Workshop 3: Business Associates and Breaches
Thursday, October 31, 2024
12:00 p.m. - 4:00 p.m. ET
Each workshop includes:
- Overview of the HIPAA regulations and compliance expectations
- Discussion of relevant enforcement actions and guidance from OCR
- Updates on proposed/pending changes to the HIPAA regulations
- Tips on developing a more robust HIPAA compliance program in your health center
Premium Plan subscribers receive a 10% discount on the training fee for this webinar series. For more information, contact us.
The on-demand version of this webinar series will be available for purchase one week after the conclusion of the series.
Target Audience
- HIPAA Privacy Officers
- HIPAA Security Officers
- Compliance Officers
- Health Center Directors
- Operations staff
- Medical records staff
- Administrative and/or office staff
Learning Objectives
Workshop 1: HIPAA Privacy for Health Centers
- Understand the key HIPAA Privacy compliance requirements for health centers
- Develop and/or revise your health center’s policies and procedures to comply with the HIPAA Privacy Rule and to incorporate best practices
- Revise your health center’s Notice of Privacy Practices to reflect how your health center uses and discloses patient information
Workshop 2: HIPAA Security for Health Centers
- Understand the key HIPAA Security compliance requirements for health centers.
- Understand the expectations for conducting a security risk analysis and developing activities to mitigate identified security risks
- Develop and/or revise your health center’s policies and procedures to comply with the HIPAA Security Rule and to incorporate best practices
Workshop 3: Business Associates and Breaches
- Identify when a business associate agreement is required prior to disclosing patient information
- Develop and/or revise your health center’s business associate agreement template to incorporate the required elements and provisions favorable to your health center
- Understand the requirements for reporting breaches to patients, to the Office for Civil Rights and to the media
Agenda
Workshop 1: HIPAA Privacy for Health Centers | |
Tuesday, October 29, 2024 | 12:00 PM - 4:00 PM ET |
12:00 - 1:00 p.m. | Disclosing PHI for Treatment, Payment and Health Care Operations |
1:00 - 1:15 p.m. | Break |
1:15 - 2:15 p.m. | Authorization Requirements: Notice of Privacy Practices |
2:15 - 2:30 p.m. | Break |
2:30 - 3:30 p.m. | Responding to Patient Requests: Access, Amendments and Restrictions |
3:30 - 4:00 p.m. | Q&A |
3:45 pm - 4:00 pm | Wrap-Up and Discussion |
Workshop 2: HIPAA Security for Health Centers | |
Wednesday, October 30, 2024 | 12:00 PM - 4:00 PM ET |
12:00 - 1:30 p.m. | Introduction to the Security Rule Administrative Safeguards: Conducting a Security Risk Analysis and Creating a HIPAA Security Compliance Program |
1:30 - 1:45 p.m. | Break |
1:45 - 2:30 p.m. | Physical Safeguards: Protecting Health Center Facilities, Systems and Devices |
2:30 - 2:45 p.m. | Break |
2:45 - 3:30 p.m. | Technical Safeguards: Access, Audit, Authentication and Encryption |
3:30 - 4:00 p.m. | Q&A |
Workshop 3: Business Associates and Breaches | |
Friday, October 31, 2024 | 12:00 PM - 4:00 PM ET |
12:00 - 1:15 p.m. | Identifying Your Health Center's Business Associates and Executing Business Associate Agreements |
1:15 - 1:30 p.m. | Break |
1:30 - 2:45 p.m. | Investigating and Reporting Breaches |
2:45 - 3:00 p.m. | Break |
3:00 - 4:00 p.m. | Responding to an OCR Investigation |
Molly Evans
Molly Evans is a Partner in the firm’s Health Care practice group. She advises health centers on the management of clinical, employment and workforce related risks, with a particular focus on professional liability, Federal Tort Claims Act, and HIPAA matters. From her experience as both a private attorney and in-house counsel, Molly knows the importance of managing liability and risk issues in mission-driven organizations. [Full Bio]
Dianne Pledgie
Dianne Pledgie serves as Partner and Compliance Counsel with the firm’s health care practice group, Dianne advises health centers on implementing effective compliance programs and on addressing top compliance risk areas. Dianne counsels health centers and other organizations on developing compliance programs that include the OIG’s seven elements, respond to identified compliance risk areas, and reflect the organization’s culture. Dianne also advises health centers and other organizations on patient privacy and confidentiality, including the HIPAA Privacy Rule and 42 CFR Part 2. She has experience responding to privacy and security incidents, including determining whether there has been a breach, notifying patients and the government, and creating corrective action plans. [Full Bio]
Participants can earn up to 11.40 CPE credits in Specialized Knowledge and Applications upon completion of all course requirements.
ADDITIONAL INFORMATION
- Prerequisites: None
- Target Audience: HIPAA Privacy Officers, HIPAA Security Officers, Compliance Directors, Health Center Directors. Operations staff, medical records staff, and administrative and/or office staff
- Advanced Preparation: None
- Program Level: All
- Delivery Method: Group Internet Based
- Attendance Requirements: In order to be awarded the full credits, you must respond to least three (3) polling questions per 50-minute credit hour during each webinar
Feldesman Leifer LLP is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website www.nasbaregistry.org (formerly www.learningmarket.org).
Price
Access to the recorded version of this webinar series is included in your purchase.
Webinar Access
The recorded version of each webinar will be available in your account within seven (7) business days of each session and you will have access to the recordings for 90 days after the conclusion of the series. Once posted to your account, you can view each webinar anytime on-demand during the access period identified in your purchase confirmation. For additional information on viewing and accessing webinars, view our full terms and conditions here.
Payment Policy
We accept the following forms of payment: American Express, Mastercard, Visa, ACH, PayPal, electronic check, and check. For information about the methods of payment we accept, please review our Payment FAQs.
Refunds/Cancellations
Review our Cancellation Policies.
Required Hardware/Software
Google Chrome and Mozilla Firefox are the preferred browsers.