Revising the HIPAA Notice of Privacy Practices - Changes Required by September 23, 2013 - webinars by MentorHealth

Website http://www.mentorhealth.com/ | Edit Freely

Category

Deadline: August 27, 2013 | Date: August 27, 2013

Venue/Country: Fremont, U.S.A

Updated: 2013-07-31 14:58:26 (GMT+9)

Call For Papers - CFP

Every HIPAA Covered Entity is required to have a Notice of Privacy Practices that accurately reflects patient rights and practices at the entity. Because there are new finalized changes to the HIPAA rules, the NPP for every organization having one must be updated. There are new requirements about fundraising activity, new controls on the sale of PHI, new rights of access and restrictions, and the right to be notified if there is a privacy breach. The new areas to be included will be discussed and explained, and areas that no longer need notice will also be discussed.

The new regulations will be reviewed and their effects on HIPAA Notices of Privacy Practices will be discussed. We will describe the new rights that must be added into your NPP and identify the places where current rights have been modified. In addition, we'll identify typical items that may be removed from your NPP, because it is always advisable to keep NPPs as short and readable as possible while covering all the requirements. We will examine a typical NPP and describe the places where changes might best be made, and discuss the information that needs to be added or removed to meet requirements most efficiently and economically.

Why should you attend: New updates to the HIPAA regulations now in effect contain numerous changes based, for the most part, on The HITECH Act passed in 2009. Some of the most significant changes have to do with changes to individual rights under HIPAA that must be listed in an entity's HIPAA Notice of Privacy Practices. All HIPAA Covered Entities that currently provide a Notice of Privacy Practices must update their NPPs to reflect the changes in individual rights no later than September 23, 2013. Violations are subject to enforcement that can include fines up to $50,000. Changes will be necessary in areas of patient access to records, restrictions of disclosures, marketing, fundraising, breach notification, and more.

Areas Covered in the Session:

All HIPAA Notices of Privacy Practices must be updated to meet the new rules by September 23, 2013. The schedule of implementation and scope of the changes will be described.

Notices will need to include mention of the right to be notified in the event of a breach of the privacy or security of their Protected Health Information.

Individuals have a new right to request electronic copies of information held electronically that must be reflected in the NPP.

Individuals have new rights to restrict disclosure of encounter information to an insurer if it is paid fully out of pocket by the individual. The NPP must identify this right.

Fundraising activity must be described in the NPP, with an opportunity to opt-out.

You do NOT have to include information about reimbursed marketing activity in NPPs anymore, but you do always need to get an authorization.

Health Plans must include in their NPPs new changes pertaining to GINA, restricting the use of genetic information in enrolment.

How you should update your NPP - how do you document it, to whom does it go, and how?

Who Will Benefit:

Compliance director

CEO

CFO

Privacy Officer

Security Officer

Information Systems Manager

HIPAA Officer

Chief Information Officer

Health Information Manager

Healthcare Counsel/lawyer

Office Manager

Contracts Manager

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.

Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.