If you cannot remember the last time your organization performed a HIPAA & HITECH Act Risk Analysis, or if you are unsure if your organization has ever performed a Risk Analysis, then this is the webinar for you. Jonathan P. Tomes will cover how to conduct a risk analysis and how to update it as necessary.

The purpose of this webinar is to give you what you need to know make sure that you are HIPAA compliant in the area of security incidents, a term that has specific meaning and requirements under HIPAA.

With the Enactment of the Modifications to HIPAA contained in the so-called HI-TECH Act and its implementing regulation, the Omnibus Rule, the law and DHHS have greatly expanded the importance of handling breaches properly. How covered entities handle security incidents, breaches, and complaints is one of the key areas that DHS audits for. In addition, it has imposed civil money penalties as high as $5.5 million for failure to handle HIPAA violations properly. Every entity has a security incident on occasion-maybe dozens a year. But which of them are actually breaches and which are reportable breaches? What should you do before reporting it to minimize liability? How do you respond to the investigation? How do you handle a complaint to minimize the chance that it will lead to an investigation and perhaps a civil money penalty? These and related questions are key to HIPAA compliance and to minimize potential liability.

This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS.

If you cannot remember the last time your organization performed a HIPAA & HITECH Act Risk Analysis, or if you are unsure if your organization has ever performed a Risk Analysis, then this is the webinar for you. Jonathan P. Tomes will cover how to conduct a risk analysis and how to update it as necessary. Failure to conduct a written risk analysis qualifies as "willful neglect," which carries the highest civil money penalty ("CMP") and which penalty cannot be waived by DHHS as can violations due to a reasonable cause.

This 90-minute webinar gives you an excellent overview of the Omnibus rule changes. Learn what actions to take now to achieve HIPAA compliance with the new Omnibus Rule, to pass an audit or an investigation, and to avoid civil money penalties and criminal convictions.

The purpose of this webinar is to give you what you need to know to make sure that you are HIPAA compliant in the area of security incidents, a term that has specific meaning and requirements under HIPAA.

HIPAA requires covered entities (health plans, health care clearinghouses, Medicare prescription drug sponsors and providers that transmit one or more of the standard transactions [primarily reimbursement information] electronically and business associates [those who perform a service for a covered entity or for another business associate]) to select reasonable and appropriate security measures to safeguard individually identifiable health information. Those who fail to do so may face seven-figure civil money penalties imposed by the Department of Health and Human Services.

Breach notification to the individual and to the U.S. Department of Health and Human Services (DHHS) is a key component of HIPAA compliance. Failing to do it properly can result in a seven-figure civil money penalty and is one of the key issues that DHHS audits for in the ongoing Phase II audits.