Step by Step HIPAA Rules and Audit Practices: 9 Trending Courses on HIPAA Compliance

This package training will walk the attendee through 3 Step HIPAA safe harbors that focus on HIPAA Rules for transmitting informational email and text messages to patients, which HIPAA law applies to Business Associates and the 5 steps needed for full HIPAA compliance. Attendees will also get o understand what are the HIPAA Rules in action - steps that are blueprint to prevent, prepare for, respond to and recover from a Ransomware Attack, how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations, the best practices to maintain compliance with HIPAA, what are the penalties for violating the rules and how to handle a HIPAA audit, the 5 steps of HIPAA breach notification rule requirements of covered entities and business associates. Apart from these points the webinar will also cover key areas including development and execution of a manageable auditing and monitoring plan relating to HIPAA compliance targeting common high risk issues, the common social media risks from a HIPAA compliance perspective and how to learn what a HIPAA security incident is and elements you need to have in your security incident report and response policy and procedure.
Instructor: Paul Hales ,Jonathan P. Tomes, J.D., Rhonda Granja, B.S., Jay Anstine ,Jonathan P. Tomes, J.D.,
Product ID: PACK70056

CD/Recorded-How It Works:

  • Webinar CD/Recorded will have a series of modules. Our experts have delivered the modules using PowerPoint Presentations
  • Webinar Recording Link or CDs are licensed to be used multiple times at any location with multiple attendants
  • Get unlimited access for Recorded links
  • Free shipment of CDs within 72 hours from the date of purchase
  • Reference materials for Webinar Recording Link/CDs will be mailed to your registered e-mail id

Webinar Topics:

Who will benefit?

  • Hospital Trustees
  • C-Suite Executives
  • HIPAA Compliance Official
  • HIPAA Privacy Officer
  • HIPAA Security Officer
  • Health Information Technology Supervisor
  • Chief Information Security Officer
  • Risk Management Director
  • General Counsel - Associate General Counsel
  • Certified Public Accountant
  • Health Care Practice and Business Associate Owners
  • Chief Executive Officer
  • Chief Operating Officer
  • Chief Compliance Officer
  • Chief Information Officer
  • Front Desk Team Members
  • Receptionists
  • Medical Record Personnel
  • Clerical workers and anyone who shares the Responsibility of the Front Desk Operations
  • Third Party Administrators - usually Insurance Brokers
  • Hospital Compliance Officers
  • Hospital Administrators
  • Physician Practice Administrators
  • Hospital Internal Auditors
  • Marketing Department
  • Human Resources Department

Webinars included in the Package:

MACRA & MIPS - Patient Engagement - HIPAA Rules for Text Messaging & Email (Duration: 60 Minutes)

The HIPAA Rules and HHS/OCR guidance provide a simple, easy to use 3 Step Safe Harbor for using unencrypted email and text messaging to engage patients. This session will explain the 3 Step HIPAA Safe Harbor. Patient Engagement is a cornerstone of MACRA. Communication technology offers indispensable patient engagement tools. Secure patient portals are available. So are encrypted text message and email products. But patients overwhelmingly choose non-secure communication tools like text messaging and email. Appointment reminders, healthcare instructions, patient satisfaction surveys, health and wellness newsletters and recall reminders are just a few patient engagement tools sent electronically by regular (unencrypted) email and text messaging.

Objectives of the Presentation:

This webinar for HIPAA Covered Entities and Business Associates will cover:
  • A clear explanation of the simple 3 Step HIPAA Safe Harbor that protects covered entities and business associates acting on their behalf from liability related to patient engagement by unencrypted email and text messaging
  • What makes an email or text message subject to HIPAA law
  • A clear explanation of how HIPAA defines PHI - it's not just information about, for example, a diagnosis, disease, surgery or prescribed treatment
  • How a 2015 Federal Communications Commission Order about health care text messages added to confusion and what it really means - the 3 Step HIPAA Safe Harbor is the only text message Safe Harbor for covered entities and business associates
  • The interconnected liability of covered entities and business associates that provide unencrypted electronic patient engagement services like appointment reminders - and both can protect themselves

Instructor Profile:

"Paul Hales received his Juris Doctor degree from Columbia University Law School and is licensed to practice law before the Supreme Court of the United States. He is an expert on HIPAA Privacy, Security, Breach Notification and Enforcement Rules with a national HIPAA consulting practice based in St. Louis. Paul is the author of all content in The HIPAA E-Tool, an Internet-based, Software as a Service product for health care providers and business associates."

Business Associates Come in From the Cold! 5 Steps to HIPAA Compliance (Duration: 60 Minutes)

This webinar for HIPAA Business Associates will cover HIPAA law that applies to Business Associates and the top HIPAA Compliance Priorities, broken into 5 steps needed for full HIPAA compliance: 1. The HIPAA Compliance Official, 2. Risk Analysis and Risk Management, 3. Understand and implement the interconnected Business Associate Security Rule and Privacy Rule Compliance responsibilities with appropriate Policies and Procedures, 4. Learn how to investigate, assess and document Potential Breaches and if necessary, make notifications required by the Breach Notification Rule, 5. Understand Business Associate Agreements with a Covered Entity and a Subcontractor Business Associate. Write your own Business Associate Agreement, recognize red flags, and avoid making your Subcontractor Business Associate your agent under the Federal Common Law of Agency by mistake.

Objectives of the Presentation:

  • Management responsibility
  • Guide to Risk Analysis - Risk Management
  • Security Rule and Privacy Rule are interconnected - Policies Required for both
  • How to deal with Potential Breaches
  • Understand the Business Associate Agreement (BAA) and the Subcontractor BAA

Instructor Profile:

"Paul Hales received his Juris Doctor degree from Columbia University Law School and is licensed to practice law before the Supreme Court of the United States. He is an expert on HIPAA Privacy, Security, Breach Notification and Enforcement Rules with a national HIPAA consulting practice based in St. Louis. Paul is the author of all content in The HIPAA E-Tool, an Internet-based, Software as a Service product for health care providers and business associates."

HIPAA Cyber Crime - How to Prevent, Prepare, Respond and Recover (Duration: 60 Minutes)

Attend this session to learn how to find and follow the HIPAA Rules which provide an easy, step-by-step guide to prevent, prepare for, respond to and recover from a Cyber Attack. Ransomware is the easiest and safest way for cyber-criminals to extort money from the Healthcare Industry. Covered Entities and Business Associates of all types and sizes are prime targets because disruption of healthcare operations, even for a brief period, can result in catastrophic harm to patients. Criminal hackers don't need to be sophisticated to mount an attack - they simply trick employees to open a "phishing" email or click on an Internet link.

Objectives of the Presentation:

  • Ransomware described - new ransomware threats and old ransomware tricks that still work
  • Why ransomware criminals target the healthcare industry
  • The key HIPAA rules to prevent - prepare - respond - recover from a ransomware attack
  • What to do if (when) your organization suffers a ransomware attack
  • To Pay or Not to Pay? - And most important - how to avoid having to make the choice because you are prepared

Instructor Profile:

"Paul Hales received his Juris Doctor degree from Columbia University Law School and is licensed to practice law before the Supreme Court of the United States. He is an expert on HIPAA Privacy, Security, Breach Notification and Enforcement Rules with a national HIPAA consulting practice based in St. Louis. Paul is the author of all content in The HIPAA E-Tool, an Internet-based, Software as a Service product for health care providers and business associates."

Road to HIPAA Compliance: How to Handle HIPAA and HITECH Security Breaches, Complaints, and Investigations (Duration: 60 Minutes)

With the Enactment of the Modifications to HIPAA contained in the so-called HI-TECH Act and its implementing regulation, the Omnibus Rule, the law and DHHS have greatly expanded the importance of handling breaches properly. How covered entities handle security incidents, breaches, and complaints is one of the key areas that DHS audits for. In addition, it has imposed civil money penalties as high as $5.5 million for failure to handle HIPAA violations properly. Every entity has a security incident on occasion-maybe dozens a year. But which of them are actually breaches and which are reportable breaches? What should you do before reporting it to minimize liability? How do you respond to the investigation? How do you handle a complaint to minimize the chance that it will lead to an investigation and perhaps a civil money penalty? These and related questions are key to HIPAA compliance and to minimize potential liability.

Objectives of the Presentation:

  • Overview of HIPAA and the security and privacy rules
  • Preemption of state and federal law
  • What is a security incident?
  • What is a breach?
    • Definition
    • How to determine whether an incident is a breach
    • How to respond to a breach?
  • What is a reportable breach?
    • Definition
    • How to determine whether an incident is a breach
    • How to respond to a breach?
  • Complaints
    • Duties before a complaint
    • Responding to a complaint
  • How to respond to investigations
  • Conclusion and Question and Answer

Instructor Profile:

Jonathan P. Tomes, J.D., is a health care attorney. He has written more than 60 books, including "The Compliance Guide to HIPAA and the DHHS Regulations," "The Gap Analysis Survey," "The Risk Analysis ToolKit," and dozens of articles in the area of HIPAA compliance. He has been an expert witness in litigation involving health information compliance issues and is the President of EMR Legal, Inc., a national HIPAA consulting firm. His knowledge of the law and of the practical aspects of setting up a security system provides a rare opportunity for compliance officers and medical records veterans and novices alike. Mr. Tomes has presented seminars nationally for more than 20 years.

HIPAA Designed for the Front Office Staff (Duration: 60 Minutes)

This webinar will find solutions to improve protection of our patient's confidential information. The webinar will also explain easy methods that are cost effective. HIPAA can often deplete resources in your practice. There are things that you can implement that will not cost you extra overhead expenditures.

Objectives of the Presentation:

  • What does routine vs. non-routine disclosure mean?
  • Should you incorporate "E-mail" signatures?
  • How to avoid patient HIPAA complaints?
  • Is all of your front office team on the same page?
  • How do you protect patient information on your computer?

Instructor Profile:

Rhonda Granja, B.S., CMC, CMOM, CMA, CPC, is a certified professional coder and certified medical assistant. Rhonda has been in the medical office profession since 1990 and is currently working as an independent medical consultant. She is involved with multiple medical groups and has also developed staff motivation techniques. She has extensive knowledge of billing and reimbursement related to managed care and commercial carriers as well as Medicare and state funded products. Rhonda has a wealth of experience and her passion for speaking tends to get attendees excited about what they do. Aside from her professional relationships, she makes time to advocate with the non-profit organization, Autism Speaks.

HIPAA Breach - or Not? How to Find Out & What to Do (Duration: 60 Minutes)

Attend this session to learn exactly what to do if your organization suspects it has suffered a potential breach or has been attacked by Ransomware. You will learn how to investigate, assess, determine and document whether you have suffered a breach of unsecured PHI that requires breach notifications, when and how to provide breach notification and the other things you must do when you have a breach. There is a secret to HIPAA Compliance. The secret is the HIPAA Rules are easy to follow, step-by-step, when you know the steps. In this session, you will learn and see the 5 steps of HIPAA breach notification rule compliance explained clearly in plain language.

Objectives of the Presentation:

This webinar explains the inter-connected breach notification rule requirements of covered entities and business associates when a business associate or subcontractor business associate suffers a breach. And it covers the special, more restrictive compliance requirements when a business associate or subcontractor is an agent under the federal common law of agency - including how to avoid creating an agency relationship by mistake.

Instructor Profile:

"Paul Hales received his Juris Doctor degree from Columbia University Law School and is licensed to practice law before the Supreme Court of the United States. He is an expert on HIPAA Privacy, Security, Breach Notification and Enforcement Rules with a national HIPAA consulting practice based in St. Louis. Paul is the author of all content in The HIPAA E-Tool, an Internet-based, Software as a Service product for health care providers and business associates."

HIPAA Auditing and Monitoring Made Easy (Duration: 60 Minutes)

With the increasingly likelihood that either a patient will complain to the Office of Civil Rights ("OCR") or your organization gets selected for an OCR audit, patient confidentiality continues to remain one of the top enforcement concerns amongst federal and state officials. Since auditing for HIPAA compliance may seem like throwing spaghetti at the wall, this presentation is designed to provide attendees with a manageable framework and prioritization for auditing in key areas of HIPAA compliance.

Objectives of the Presentation:

  • What is the regulatory framework surrounding HIPAA?
  • What are the areas of concern to the OCR?
  • What key compliance challenges with HIPAA that organizations commonly face?
  • What is the difference between auditing and monitoring?
  • What areas should I be auditing?
  • What areas should I be monitoring?
  • Recent enforcement actions related to HIPAA privacy, security, and breach notification rule compliance

Instructor Profile:

Jay Anstine is the President of Bluebird Healthlaw Partners. As a healthcare lawyer specializing in regulatory compliance, Mr. Anstine consults to physicians, senior management and boards of directors on compliance programs and regulatory issues impacting operations.

When HIPAA and Social Media Collide (Duration: 60 Minutes)

This presentation will provide an overview of the common social media risks from a HIPAA compliance perspective. More specifically it will cover the HIPAA regulatory framework, social media policies, the dos and don'ts of social media, conducting staff training, and responding to a breach involving social media. To supplement the discussion, Mr. Anstine will offer some operational insights as well as regulatory enforcement trends.

Objectives of the Presentation:

  • Overview of the HIPAA regulatory framework
  • The Dos and Don'ts of social media
  • What to include in social media policies
  • Conducting social media training with workforce members
  • How social media fits into the breach notification rule
  • How to respond if a breach occurs involving social media
  • OCR enforcement trends
  • Social media policy drafting tips
  • Strategies and insights for social media staff training

Instructor Profile:

Jay Anstine is the President of Bluebird Healthlaw Partners. As a healthcare lawyer specializing in regulatory compliance, Mr. Anstine consults to physicians, senior management and boards of directors on compliance programs and regulatory issues impacting operations.

What Is a HIPAA Security Incident, and What Should You Do About It? (Duration: 60 Minutes)

The purpose of this webinar is to give you what you need to know make sure that you are HIPAA compliant in the area of security incidents, a term that has specific meaning and requirements under HIPAA. If HIPAA covered entities and business associates do not report and respond to HIPAA security incidents properly, they can face up to seven-figure fines. This webinar will help you avoid the free trip to Leavenworth and the expensive trip to the bank, which could easily occur if you do not know what a security incident is and what to do about it.

Objectives of the Presentation:

  • Learn what a security incident is under HIPAA
  • Learn how to recognize where a security incident falls along the continuum culminating with a reportable breach under HIPAA
  • Learn how to investigate a security incident to determine whether it is a breach
  • Learn what elements you need to have in your security incident report and response policy and procedure
  • Learn who has to report a security incident and to whom and when and how and why
  • Learn how to mitigate a security incident
  • Learn how to train your workforce on how to handle a HIPAA security incident
  • Learn what the documentation requirements are under HIPAA

Instructor Profile:

Jonathan P. Tomes, J.D., is a health care attorney. He has written more than 60 books, including "The Compliance Guide to HIPAA and the DHHS Regulations," "The Gap Analysis Survey," "The Risk Analysis ToolKit," and dozens of articles in the area of HIPAA compliance. He has been an expert witness in litigation involving health information compliance issues and is the President of EMR Legal, Inc., a national HIPAA consulting firm. His knowledge of the law and of the practical aspects of setting up a security system provides a rare opportunity for compliance officers and medical records veterans and novices alike. Mr. Tomes has presented seminars nationally for more than 20 years.

Price:$2000.00
Get Flash Drive's

Free shipment within 4 Working Days of placing the order. (For multiple location please contact our customer care team)

Price:$1800.00
Get Training CD's

Free shipment within 4 Working Days of placing the order. (For multiple location please contact our customer care team)

Price:$1000.00
Recorded Session

Get life time access for one participant with download option! (For multiple licenses please contact our customer care team)