HIPAA 2023 Guidance and Compliance

Webinar Details

Speaker

Jim Sheldon Dean

Industry

HIPAA and Compliance Conference

Speciality

HIPAA and Compliance Conference

Available

All Days

Duration

90 Minutes


Registration Options

Choose Your Options

Save $20 - [ HEALTHCPTI ]

Error Conference Exists In Wish-list.

Congrats Conference Added In Wish-list.



Need Corporate Discount ?

Find More Webinars Of : HIPAA and Compliance Conference

  • * For more than 6 attendee call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * For Check and ACH payment call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * Click to download the Order Form

Description

HIPAA has seen a lot of activity recently that will affect how to address compliance in 2023, from a continuing push to provide individual access to records, enforcement actions pertaining to access and information security, and proposed changes to the regulations pertaining to access and coordination of care. Business Associate responsibilities for compliance have been better defined, and requirements for the establishment of those relationships have been relaxed in some cases for the COVID-19 emergency, but relaxations end with the end of the emergency. Healthcare communications and information systems will need to meet HIPAA requirements. Much of what has changed recently will continue to evolve in 2023

Agenda

of  HIPAA 2023 Guidance and Compliance

  • Overview of HIPAA Regulatory Expectations
    • New Regulatory Directions
    • Pandemic Rule Relaxations Ending
    • Overdue Regulatory Action
    • Court Ruling Limiting Regulations
  • Issues in Individual Access of Records under HIPAA
    • Continued Emphasis on Enforcement of Individual Access Rules
    • Court Ruling Limiting Third-Party Access Requests
    • Limitation of Business Associate Liability for Compliance
  • HIPAA Security Rule Enforcement
    • Using an Information Security Management Process Helps
    • Dealing with Incidents and Breaches
  • HIPAA Accounting of Disclosures Changes
    • Current Accounting of Disclosures Requirements
    • Required Changes and Difficulties Implementing Them
    • Likely Regulation to be Proposed
  • Potential Rules Changes
    • Acknowledgment of Receipt of Notice of Privacy Practices
    • Easing Care Coordination
    • TCPA and Cell Phone Communications
  • HIPAA Controls and New Technologies
    • Difficulty in Managing Privacy
    • Calls for HIPAA Expansions

Session Highlights

of HIPAA 2023 Guidance and Compliance

  • Understand the HIPAA 2023 Guidance and Compliance and apply the HIPAA rules on providing information under the regulations for individual requests for PHI.
  • Know the extent of the limitations on the fees charged to individuals for access to their records, and the new changes according to a Federal Court ruling.
  • Understand how individual requests to direct their information to a third party are treated differently, and the differences when paper vs. electronic records are requested.
  • Know what parties are responsible for compliance with the timeliness, form, and format requirements for individual requests, and what parties are responsible for the fee requirements for individual requests of PHI.
  • See how entities that have not managed individual access properly have been sanctioned by the US Department of Health and Human Services.
  • Understand how the new rules on data sharing work with the HIPAA individual access rules, and how the rules may be updated under the proposed changes.
  • Find out about the rules for permitted communications with the Family and Friends of patients.
  • See how HIPAA allows communications that are necessary for First Response circumstances., disclosures to Disaster Recovery agencies, and disclosures to Prevent a Serious and Imminent Threat

Areas Covered

This session will look at the current state of HIPAA and identify recent guidance and court decisions affecting HIPAA, as well as expected changes in the rules in the coming year, and the focus and results of various HIPAA enforcement actions.

Over many years, the US Department of Health and Human Services Office for Civil Rights has indicated that patient access to information is a key priority in order to improve the health of the nation. Patient rights under HIPAA have been expanded to include several rights of access, and detailed guidance has been issued on access to records. And more than four dozen of HIPAA enforcement actions since September 2019 were against entities that did not provide patient access to records properly. HHS is now using HIPAA Individual Access Rights to effectively implement new rules on prohibitions to Data Blocking, and the proposed changes to the HIPAA Privacy Rule, made in December 2020, will codify the current guidance on compliance.

The rules having to do with patient access to records need to be reflected in the policies and procedures of every healthcare-related organization. The guidance provides clear and detailed information on how to provide access, what can be charged for in fees, and what the individual’s rights are when it comes to access to information. The proposed changes to the HIPAA Privacy Rule would put into regulation the access guidance, and provide new avenues for patients to request copies of their records be sent to their current providers.

At the same time, a recent Federal court decision has changed some of the aspects of the individual access rules pertaining to transmitting records to third parties at the request of the individual. Additionally, HHS has issued guidance when HIPAA Business Associates are involved, regarding the responsibility for the timing, and form, and format of replies to requests for access, and the responsibilities for compliance with the fee requirements.

Information Security remains a focus for enforcement as well, with organizations that don’t take the proper steps in an information security management process finding that breaches and incidents can be expensive compliance problems. Enforcement of the Security Rule is expected to continue as a priority to protect patient information and patient safety.

In order to facilitate the delivery of services and necessary communications during the COVID-19 emergency, the US Department of Health and Human Services issued guidance relaxing some HIPAA requirements pertaining to teleconferencing tools and reiterating HIPAA allowances for communication with family and friends of patients. Now that the emergency is ending, the allowances are ending, and entities will need to follow the rules without exceptions.

This session HIPAA 2023 Guidance and Compliance will discuss the issues surrounding the use of various communication technologies under HIPAA controls, including a discussion of Business Associate responsibilities for compliance under new guidance from HHS. The session will prepare organizations for the impacts of likely rule changes in areas such as Accounting of Disclosures, the Notice of Privacy Practices, cell phone communications, and new technologies. Proposed changes to the Privacy Rule in areas of Care Coordination will be explored.

Who Should Attend

  • CEO
  • HIPAA Privacy Officers
  • HIPAA Security Officers
  • Information Security Officers
  • Risk Managers
  • Compliance Officers
  • Privacy Officers
  • Health Information Managers
  • Information Technology Managers
  • Information Systems Managers
  • Medical Office Managers
  • Chief Financial Officers
  • Systems Managers
  • Chief Information Officer
  • Healthcare Counsel/lawyer
  • Operations Directors
Jim Sheldon Dean
Jim Sheldon Dean

(Principal and Director of Compliance Services)

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.  He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more than two decades of experience specializing in HIPAA compliance, four decades of experience in policy analysis and implementation, business process analysis, information systems, and software development, and eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician.  Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Registration Options

Choose Your Options

Save $20 - [ HEALTHCPTI ]

Error Conference Exists In Wish-list.

Congrats Conference Added In Wish-list.


Need Corporate Discount ?


  • * For more than 6 attendee call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * For Check and ACH payment call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * Click to download the Order Form
Jim Sheldon Dean
Jim Sheldon Dean

(Principal and Director of Compliance Services)

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.  He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more than two decades of experience specializing in HIPAA compliance, four decades of experience in policy analysis and implementation, business process analysis, information systems, and software development, and eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician.  Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.