The HIPAA Rules require Covered Entities and Business Associates to do Risk Analysis and Risk Management (RA-RM) but do not explain how to do them. OCR consistently calls Risk Analysis the foundation of every HIPAA Compliance program.

• Paul R. Hales
• Time: 10:00 AM PDT | 01:00 PM EDT
• Duration: 60 Minutes
• Price: $139.00
• View Details

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

• Paul R. Hales
• Time: 10:00 AM PDT | 01:00 PM EDT
• Duration: 60 Minutes
• Price: $139.00
• View Details

The Internet is flooded with highly visible, dangerous HIPAA violations committed unknowingly by health care providers on their websites, their social media like Facebook, and in posting or responding to Patient Reviews about the quality - good or bad - of the health care provider service.

• Paul R. Hales
• Time: 10:00 AM PDT | 01:00 PM EDT
• Duration: 60 Minutes
• Price: $139.00
• View Details

The HIPAA Rules require Covered Entities and Business Associates to do Risk Analysis and Risk Management (RA-RM) but do not explain how to do them. OCR consistently calls Risk Analysis the foundation of every HIPAA Compliance program.

• Paul R. Hales
• Time: 09:00 AM PDT | 12:00 PM EDT
• Duration: 60 Minutes
• Price: $139.00
• View Details

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

• Paul R. Hales
• Time: 10:00 AM PDT | 01:00 PM EDT
• Duration: 90 Minutes
• Price: $139.00
• View Details

The Problem Addressed by this Webinar: HIPAA Covered Entities and Business Associates of all types and sizes are at serious risk of health information breaches caused by aggressive criminal attacks and their own lack of attention to protective safeguards required by HIPAA. Admittedly the HIPAA regulations are difficult to read. They are written in a legalistic language and arranged in confusing order with frequent obscure and even inaccurate internal references. However, while the number of health information breaches grows rapidly, the number of private class action lawsuits based on those breaches is growing much faster. And government enforcement is also on the rise, in part to deal with medical identity theft, the fastest-growing and most lucrative type of identity theft in America today.

• Paul R. Hales
• Time: 10:00 AM PDT | 01:00 PM EDT
• Duration: 60 Minutes
• Price: $139.00
• View Details

Remote work involving PHI is here to stay - at least for a while: The Covid-19 Public Health Emergency has ended. But one effect of the pandemic remains - some covered entity and business associate staff continue to work at home or other remote locations where their duties involve receiving, creating, maintaining and transmitting protected health information (PHI).

• Paul R. Hales
• Time: 10:00 AM PDT | 01:00 PM EDT
• Duration: 60 Minutes
• Price: $139.00
• View Details

This webinar is for HIPAA Covered Entities (CEs) and Business Associates (BAs). Criminals increasingly focus cyber-attacks on BAs because one hit can give them access to PHI of all the BA’s customers. Growth of serious BA PHI breaches affecting tens of millions of patients put the spotlight on BA HIPAA compliance, attracting HHS Office for Civil Rights investigations and aggressive private class action lawsuits filed within days of a breach targeting BAs and their CE customers. CEs that did nothing wrong can still be held liable to pay the same civil money penalty as their BA for the BA’s HIPAA violation under the Federal Common Law of Agency which is included in the HIPAA Enforcement Rule.

• Paul R. Hales
• Time: 10:00 AM PDT | 01:00 PM EDT
• Duration: 60 Minutes
• Price: $139.00
• View Details