Road to HIPAA Compliance: How to Handle HIPAA and HITECH Security Breaches, Complaints, and Investigations
Duration: 75 Minutes
This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS.
Objectives of the Presentation
HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint).
Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints.
Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analysis and the policies and procedures your organization may be lacking in a cost-effective manner so you are not wasting money and other resources in unnecessary security measures.
Why Should you Attend
How covered entities handle security incidents, breaches, and complaints is one of the key areas that DHS audits for. In addition, it has imposed civil money penalties as high as $4.8 million for failure to handle HIPAA violations properly. Every entity has a security incident on occasion-maybe dozens a year. But which of them are reportable? What should you do before reporting it to minimize liability? How do you respond to the investigation? These and related questions are key to HIPAA compliance and to minimizing potential liability.
Who will Benefit
- What is a security incident?
- What is a security breach?
- What is a reportable breach-one that must be self-reported to Health and Human Services (HHS) and in some situations to prominent local media?
- Performing a risk assessment
- What are the most common breaches?
- What are the penalties for not handling breaches properly?
- How do handle patient complaints?
- How do you handle HHS HIPAA violation investigations?
- Healthcare HIPAA Security and Privacy Officers
- Compliance Officers
- Chief Information Officers
- Human resource officers
- Business manager's facility administrators
- Medical records personnel
- Health information managers
- Health care attorneys
- Nurses and business associates