Ransomware and HIPAA Risks - BE VERY CAREFUL HERE
Overview:
I will be speaking to real life situations I have personally dealt with on multiple occasions as part of HIPAA investigations relating to ransomware breaches. These can be absolutely devastating to your practice or business and can cause a major financial burden as well as embarrassment. I will give specific information regarding multiple incidents and what they practice/business did wrong and how these situations occurred - there are many variables to consider. In addition, I will discuss specific questions the Office of Civil Rights investigators and FBI will more than likely be asking and how best to answer. Most importantly I will speak to the best ways to prevent this from happening altogether! I will uncover myths versus reality as it relates to this very enigmatic law (HIPAA) based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors.
In addition, this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures.
Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required.
Why should you Attend: Are your systems at risk for ransomware or other very dangerous breaches?
Do you know that this is the #1 risk for massive breach in the United States!
Don't let your electronic protected health records get hijacked by these criminal (both foreign and domestic)! Do you understand the massive burden both from embarrassment and from fines this can cause your practice or business?
Areas Covered in the Session:
- What is ransomware
- What are risk factors
- What to do if hijacked
- Audit Process
- What can cause an audit
- How to avoid these issues altogether
- What to do in the event of an audit
- How to speak and deal with Federal auditors
- Risk Assessment
- Best resources
- Practice managers
- Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc)
- MD's and other medical professionals
Speaker Profile
With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 18 years experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR. Almost all of Brian's clients are earned by referral with little or no advertising.
Brian is well known and highly regarded in medical circles throughout the United States for his quality work and down home southern charm Mr Tuttle has a Master's Degree in Health Sciences from Georgia State University and works nationally out of Kennesaw, GA