HIPAA in 2022 and Beyond – Being Ready for Compliance Today and in the Future


Webinar Details

Speaker

Jim Sheldon Dean

Industry

Healthcare

Speciality

HIPAA and Compliance

Calendar

Jun 16, 2022 , 01 : 00 PM EST |  24 Days Left

Duration

90 Minutes

Registration Options

Choose Your Options

Error Conference Exists In Wish-list.

Congrats Conference Added In Wish-list.






  • * For more than 6 attendee call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * For Check and ACH payment call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * Click to download the Order Form

Description

The rules having to do with patient access to records need to be reflected in every healthcare-related organization’s policies and procedures. The guidance provides clear and detailed information on how to provide access, what can be charged in fees, and what the individual’s rights are when it comes to access to information. The rallying cry for easy patient access and transfer of information increases daily and is no longer escapable. The proposed changes to the HIPAA Privacy Rule would put into regulation the access guidance, and provide new avenues for patients to request copies of their records be sent to their current providers.

A recent Federal court decision changed some of the aspects of the individual access rules about transmitting records to third parties at the request of the individual.  Additionally, HHS has issued guidance when HIPAA Business Associates are involved, regarding the responsibility for the timing, form, and format of replies to requests for access, and the responsibilities for compliance with the fee requirements. To top it off, individual access rules may be modified under the proposed HIPAA rule changes, reducing the time to provide requested information, and making access easier for individuals. The changes would also enable easier sharing of information for purposes of care coordination.

The COVID-19 Emergency has made clear the need to provide services remotely to the extent possible. Providers need to communicate more, between themselves and with their patients. To facilitate the delivery of services and necessary communications during the emergency, the US Department of Health and Human Services has issued guidance relaxing some HIPAA requirements about teleconferencing tools and disclosures for public health reasons by HIPAA Business Associates, but the Emergency status is drawing to a close and all communications, including telemedicine, will need to meet HIPAA standards.

HHS has also issued guidance to remind healthcare providers of the allowances for communications with family and friends, with disaster relief organizations, and to prevent a serious and imminent threat to the health or safety of individuals or the public.

Areas Covered

  • Learn about the new proposed changes to the HIPAA Privacy Rule and how they may affect your operations.
  • Understand the guidance and apply the HIPAA rules on providing information under the regulations for individual requests for PHI, and learn how the process may be changing under the proposed rules.
  • Know the extent of the limitations on the fees charged to individuals for access to their records, and the new changes according to a Federal Court ruling.
  • Understand how individual requests to direct their information to a third party are treated differently, and the differences when paper vs. electronic records are requested.
  • Know what parties are responsible for compliance with the timeliness, form, and format requirements for individual requests, and what parties are responsible for the fee requirements for individual requests of PHI.
  • See how entities that have not managed individual access properly have been sanctioned by the US Department of Health and Human Services.
  • Understand how the new rules on data sharing work with the HIPAA individual access rules.
  • Find out about the types of Telemedicine and Teleconferencing technology, and HIPAA requirements.
  • Find out about the rules for permitted communications with Family and Friends of patients.
  • See how HIPAA allows communications that are necessary for First Response circumstances, disclosures to Disaster Recovery agencies, and disclosures to Prevent a Serious and Imminent Threat.

Background

HIPAA compliance activity recently has included a push to provide individual access to records, limits on those rules from the courts, new enforcement actions about access, and new regulations to complement the HIPAA rules for access. Business Associate responsibilities for compliance have been better defined, and requirements for the establishment of those relationships have been relaxed in some cases for the COVID-19 emergency, but relaxations end when the emergency ends. And now new changes to HIPAA have been proposed, to ease access by individuals and sharing of Protected Health Information where appropriate, and try to relieve some of the administrative burdens of the rules. These proposed changes may go into effect in 2022.

Why Should You Attend

Over many years, the heads of the US DHHS have indicated that patient access to information is a key priority to improve the health of the nation. Patient rights under HIPAA have been expanded to include several rights of access, and detailed guidance has been issued on access to records. And more than two dozen of the most recent HIPAA enforcement actions have been against entities that did not provide patient access to records properly. HHS is now using HIPAA Individual Access Rights to effectively implement new rules on prohibitions to Data Blocking.

HHS has also proposed changes to the HIPAA privacy rule to enhance patient access as well as ease the burdens of sharing information for purposes of care coordination, and other modifications that will require entities to update their Notices of Privacy Practices.

In addition, compliance activities related to privacy and information security are continuing, with recent settlements for systemic noncompliance with the Security Rule, including the lack of risk analysis, policy development, and training activities related to information security, as well as for improper sharing or posting of patient information under the Privacy Rule. With the continuing threats of hackers and ransomware, good practices in information security can pay off if there’s a problem, as the HIPAA Safe Harbor Law calls for limited investigations and penalties if good practices can be shown.

This session will look at the current state of HIPAA and identify recent guidance and court decisions affecting HIPAA, as well as expected changes in the rules in the coming year, and the focus and results of various HIPAA enforcement actions.

Who Should Attend

  • CEO
  • HIPAA Privacy Officers
  • HIPAA Security Officers
  • Information Security Officers
  • Risk Managers
  • Compliance Officers
  • Privacy Officers
  • Health Information Managers
  • Information Technology Managers
  • Information Systems Managers
  • Medical Office Managers
  • Chief Financial Officers
  • Systems Managers
  • Chief Information Officer
  • Healthcare Counsel/lawyer
  • Operations Directors
Jim Sheldon Dean
Jim Sheldon Dean

(Principal and Director of Compliance Services)

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.  He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more than two decades of experience specializing in HIPAA compliance, four decades of experience in policy analysis and implementation, business process analysis, information systems, and software development, and eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician.  Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.