91AV

Phishing warning 01-May-2024
We are aware of phishing emails targeting speakers of events whose names appear on our events pages. If you are unsure if an email regarding event registration or accommodation has come from us please contact us and do not provide any credit card details or personal information

HIPAA Notice of Privacy Practices - What It Should Say and How To Use It Properly

20 November 2014, Fremont, United States


Introduction
Overview: The final amendments to HIPAA resulting from the HITECH Act are now in effect and compliance was required by September 23, 2013. The amendments require changes in several areas of operation, including health information management, marketing, fundraising, and security, and many of the changes will require significant effort to implement.

Every HIPAA Covered Entity is required to have a Notice of Privacy Practices that accurately reflects patient rights and practices at the entity. Because there are new finalized changes to the HIPAA rules, the NPP for every orgainzation having one must be updated. There are new requirements about fundraising activity, new controls on the sale of PHI, new rights of access and restrictions, and the right to be notified if there is a privacy breach. The new areas to be included will be discussed and explained, and areas that no longer need notice will also be discussed.

The new regulations will be reviewed and their effects on HIPAA Notices of Privacy Practices will be discussed. We will describe the new rights that must be added into your NPP and identify the places where current rights have been modified. In addition, we'll identify typical items that may be removed from your NPP, because it is always advisable to keep NPPs as short and readable as possible while covering all the requirements. We will examine a typical NPP and describe the places where changes might best be made, and discuss the information that needs to be added or removed to meet requirements most efficiently and economically.

Why should you attend:
New updates to the HIPAA regulations now in effect contain numerous changes based, for the most part, on The HITECH Act passed in 2009. Some of the most significant changes have to do with changes to individual rights under HIPAA that must be listed in an entity's HIPAA Notice of Privacy Practices. All HIPAA Covered Entities that currently provide a Notice of Privacy Practices must update their NPPs to reflect the changes in individual rights. Violations are subject to enforcement that can include fines up to $50,000. Changes will be necessary in areas of patient access to records, restrictions of disclosures, marketing, fundraising, breach notification, and more.
Included are new requirements for the NPP to include notice of fundraising activity and an opportunity to opt out, new requirements for individuals to provide authorization for the sale of PHI, new rights of access to electronic records, new rights to restrict certain disclosures, and rights of notice in the event of a breach. Health Plans also have changes related to the Genetic Information Nondiscrimination Act (GINA) that must be reflected in their NPPs.
Reimbursed marketing activity that may have been permissible without authorization from the individual under the old rules used to require notice in the NPP. Now all such marketing activity paid for by a third party wishing to promote a product or service will require authorization, and no longer needs to be specifically listed in the NPP.
The changes are numerous and many are subtle and require an in depth examination of your Notice of Privacy Practices.

Areas Covered in the Session:
All HIPAA Notices of Privacy Practices should have been updated to meet the new rules by September 23, 2013 The schedule of implementation and scope of the changes will be described
Notices will need to include mention of the right to be notified in the event of a breach of the privacy or security of their Protected Health Information
Individuals have a new right to request electronic copies of information held electronically that must be reflected in the NPP
Individuals have new rights to restrict disclosure of encounter information to an insurer if it is paid fully out of pocket by the individual The NPP must identify this right
Fundraising activity must be described in the NPP, with an opportunity to opt-out
You do NOT have to include information about reimbursed marketing activity in NPPs any more, but you do always need to get an authorization
Health Plans must include in their NPPs new changes pertaining to GINA, restricting the use of genetic information in enrolment
How you should update your NPP – how do you document it, to whom does it go, and how?

Who Will Benefit:
Compliance Director
CEO
CFO
Privacy Officer
Security Officer
Information Systems Manager
HIPAA Officer
Chief Information Officer
Health Information Manager
Healthcare Counsel/lawyer
Office Manager
Contracts Manager

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.

Useful links

Speakers
  • Jim Sheldon Dean Lewis Creek Systems, LLC, United States

Venue
Online event

Online event , 161 Mission Falls Lane, Suite 216, Fremont, 94539, United States

Useful links

Committee
Organised by
MentorHealth is a comprehensive training source for healthcare professionals. Our trainings are high on value, but not on cost. MentorHealth is the right training solution for healthcare professionals. With MentorHealth, healthcare professionals can make use of the best benefits relating to their professional training. • They can get the benefit of advice from experts in the field. • Healthcare professionals will have the flexibility of viewing recorded webinars at their convenience. • MentorHealth offers online interactive participation. Using this, healthcare professionals, no matter which part of the world they are based in, will have the opportunity to listen to and interact with some of the most accomplished experts in the healthcare Industry.
Contact information
Search
 
 
Showing all upcoming events
Start Date
End Date
Location
Subject area
Event type

Advertisement
Spotlight


E-mail Enquiry
*
*
*
*