Jonathan P. Tomes

Health care Attorney and Partner, Tomes & Dvorak

Jonathan P. Tomes , J.D., is a health care attorney and partner in the law firm of TOMES & DVORAK, CHARTERED. He has written more than 50 books, including The Compliance Guide to HIPAA and the DHHS Regulations, and dozens of articles in the area of HIPAA compliance.

He has been an expert witness in litigation involving health information compliance issues and is the President of EMR Legal, Inc., a national HIPAA consulting firm. His knowledge of the law and of the practical aspects of setting up a security system provides a rare opportunity for compliance officers and medical records veterans and novices alike. Mr. Tomes has presented seminars nationally for 20 years.



Omnibus (Mega) Rule Changes to HIPAA & the HITECH Act and What They Mean to Covered Entities and Business Associates

The Omnibus Rule finalizes the modifications to the HIPAA Privacy Rule, Security Rule, and enforcement rules to implement many of the privacy, security, and enforcement provisions of the HITECH Act and to make other changes to the Rules, modifies the breach notification rule, and finalizes the modifications to the HIPAA Privacy Rule to strengthen privacy protections for genetic information.

HIPAA Compliance Though Policies

The Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and its regulations (the "Privacy Rule" and the "Security Rule") protect the privacy of an individual's health information and govern the way that covered entities and now business associates collect, maintain, use, and disclose protected health information ("PHI"). Creation and implementation of policies and procedures are a requirement for HIPAA compliance.

How to do a Risk Analysis

If you cannot remember the last time your organization performed a HIPAA & HITECH Act Risk Analysis, or if you are unsure if your organization has ever performed a Risk Analysis, then this is the webinar for you. Jonathan P. Tomes will cover how to conduct a risk analysis and how to update it as necessary. Failure to conduct a written risk analysis qualifies as "willful neglect," which carries the highest civil money penalty ("CMP") and which penalty cannot be waived by DHHS as can violations due to a reasonable cause.

HIPAA Issues in Mental and Behavioral Health

Without the proper legal awareness needed to stay in compliance, you may face grave legal and financial consequences. This webinar will help alleviate confusion by providing an overview of HIPAA and the Security and Privacy Rules and the changes that the HITECH Act caused, especially regarding civil and criminal penalties for violating HIPAA. Learn how and when HIPAA preempts (does away with) state law and the exceptions to preemption, and what other laws preempt HIPAA, such as 42 Code of Federal Regulations Part II's added protection for substance abuse treatment information.