Are You HIPAA Compliance Audit Ready? Strategies to Avoid Civil and Criminal Penalties
Overview:
Did you know that failure to comply with HIPAA, the DHHS Privacy and Security regulations, and the HITECH Act can result in hefty fines and even imprisonment? DHHS has said that it will also focus on board members, CEOs, and management, not just "worker bees." You are responsible for compliance. How can you ensure that you are meeting federal and state statutes and regulations to protect patients' privacy of health information?
This Webinar is designed to educate covered entities and business associates what you need to know to become HIPAA Compliance Audit Ready, and how to avoid civil and criminal convictions. HIPAA violation settlements and civil money penalties range from $100,000 to $4.3 million and have involved small physician practices and a hospice, as well as major health systems and health plans. The DHHS findings almost always cite one or more of the following areas as being non-compliant:
- Failure to perform a risk analysis.
- Failure to update a risk analysis.
- Failure to implement reasonable and appropriate security measures, including adopting policies and procedures.
- Failure to train the workforce
- Workstation security including encryption
Many Covered Entities and Business Associates do not have their HIPAA compliance program in place. Richard will share insights on how to adopt and implement HIPAA policies and procedures. He will explain the importance of educating your workforce on the privacy, security and breach notification requires. His seminar details the new Omnibus (Mega) rule changes. Learn which policies should be reviewed and updated to conform to current requirements.
Why should you attend: With the recent changes in the even stricter HIPAA regulations, are you prepared for a HIPAA Compliance Audit with DHHS, OIG, OCR or CMS? What would you do if the FTC accused you of a deceptive trade practice because you did not protect PHI correctly? Failure to handle a breach properly can have many bad effects.
And not all of them result from an enforcement action by DHHS. Losing a laptop containing Protected Health Information ("PHI") can result in DHHS imposing a civil money penalty but also can result in bad publicity; loss of patients; inability to receive reimbursement because you don't have a record of the transaction; the cost of mailing notifications to the victims of the breach; other mitigation costs, such as purchasing identity theft insurance for the victims if identity theft is a big risk. Learn what is and is not a reportable breach. Learn how to mitigate the effects of a breach by learning how to develop an unavoidable employee misconduct defense.
Areas Covered in the Session:
- Overview of the HIPAA privacy and security rules
- Discussion regarding the stepped-up civil and criminal penalties
- How to determine your HIPAA Compliance "Gaps"
- What are "reasonable and appropriate" security measures
- Understand the critical requirements for security
- Determine if organizations training is efficient
Who Will Benefit:
- HIPAA compliance and Security Officers
- HIPAA Privacy Officers
- Human Resources Directors
- Medical Records Personnel
- Health Information Management Professionals
- Attorneys
- Patient Accounts Managers
- Billing Services
- Pharmacists
- Mental and Behavioral Health Professionals
Speaker Profile
Richard D. Dvorak J.D., is a health care attorney and partner in the law firm of TOMES & DVORAK, CHARTERED, a Kansas City area law firm. The firm has Martindale-Hubbell’s highest rating, AV (“A” is for preeminent in the field of practice and “V” is for highest ethics). After serving eight years in the United States Marine Corps, Richard obtained his law degree from Chicago-Kent College of Law in 1992. He is licensed to practice law in Illinois, Missouri, and Kansas, including various U.S. federal courts. Mr. Dvorak’s extensive litigation experience includes medical malpractice, physician licensure, mental health disability cases, military cases, and criminal cases, among others.
Mr. Dvorak is Vice President of EMR Legal, Inc., a national HIPAA consulting firm, which provides consulting services for clients ranging from a large county government, with eight different health entities that need HIPAA compliance help, to a small transcription service. His specialty is helping covered entities and business associates comply with HIPAA in a cost-effective manner using his extensive technical computer knowledge and business acumen. He and his team have consulted over 1,000 clients in health care regulations since 1998. Mr. Dvorak is also the Vice President of Veterans Press, Inc.—a national publishing company that sells and distributes The Compliance Guide to HIPAA and the DHHS Regulations, soon to be in the 6th edition, an integral part of the HIPAA Compliance Library.
Richard’s HIPAA speaking engagements include Cross Country Education, MEDS-PDN, PESI, CMI and Lorman Business Center, and The National Home Infusion Association (NHIA) 2013 convention. He also has taught business law for Park College in Missouri. As a small businessman, Richard understands the need to help others learn how to comply with government health regulations in a reasonable, cost-effective manner.
Mr. Dvorak is Vice President of EMR Legal, Inc., a national HIPAA consulting firm, which provides consulting services for clients ranging from a large county government, with eight different health entities that need HIPAA compliance help, to a small transcription service. His specialty is helping covered entities and business associates comply with HIPAA in a cost-effective manner using his extensive technical computer knowledge and business acumen. He and his team have consulted over 1,000 clients in health care regulations since 1998. Mr. Dvorak is also the Vice President of Veterans Press, Inc.—a national publishing company that sells and distributes The Compliance Guide to HIPAA and the DHHS Regulations, soon to be in the 6th edition, an integral part of the HIPAA Compliance Library.
Richard’s HIPAA speaking engagements include Cross Country Education, MEDS-PDN, PESI, CMI and Lorman Business Center, and The National Home Infusion Association (NHIA) 2013 convention. He also has taught business law for Park College in Missouri. As a small businessman, Richard understands the need to help others learn how to comply with government health regulations in a reasonable, cost-effective manner.