Tom Dumez

President , Prime Compliance

Tom Dumez has more than 13 years of records management experience. He started Prime Compliance earlier in 2013 in an effort to provide a ‘real world’ employee HIPAA training program to both business associates and covered entities. Tom has spoken at many conferences, educational workshops, and seminars across the US, London, and Guam.

HIPAA: 2013 AND 2014 AND What To Expect

The recent release of the Omnibus Final Rule has changed the game again when it comes to certain provisions of HIPAA. This impacts all covered entities and business associates. We will dissect these changes one by one in an effort to provide you a clearer understanding of what they actually mean, why they were added, and what you can do to mitigate the risks associated with a breach.


We will explore the new ICD-10 requirements, the important dates involved, the major difference between ICD-9 and ICD-10, go over a list of FAQ's, learn what is required of you and the people that you might do business with regarding healthcare providers, health plans, and healthcare clearinghouses. We will also take a look at the impact that ICD-10 could have on treatments, payment, and healthcare operations.

HIPAA: OCR Audits in 2014

This rapid fire presentation will consist of numerous concerns that OCR has regarding business associates. We will spend time discussing what the law requires of the audits, who is performing the audits, what both the CE and the BA should know, and how to prepare for an audit. Also, we will discuss gap analysis, security risk assessments, identifying PHI in the "food chain", business associate agreements (BAA's), breach notification policies, effective staff training compared to simply providing some training, and employee awareness of their responsibilities regarding the ever changing world of information protection.

HIPAA: Is It Really That Bad

We will explore the statistics involved with protecting PHI, discuss their effectiveness, discuss breach numbers, causes of breaches, etc. We will also examine how to mitigate the risks to your organization. We will also discuss effective staff training. Having a bad training is actually worse that having no training, and we will discuss the critical components that all employees should know and understand.