Roles and Responsibilities of HIPAA Security & Privacy Official 2017

Overview:
Being the HIPAA Security and Privacy Official involves not only ensuring you know the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program.
If your HIPAA Security and Privacy Official needs to understand what all the HIPAA requirements are or make sure the current program are adequate and can withstand government scrutiny, please join us for this informative and interactive seminar.
Why should you attend:
The HIPAA Security and Privacy Official is the backbone of any organization's compliance program. Often times this role is assigned as collateral duty in smaller organizations. Regardless the size of an organization, the HIPAA Security and Privacy Official must know all the requirements for compliance. This is a critical element of the position.
Attendees will leave the course clearly understanding the role and all the requirements as the designated as a HIPAA Security and Privacy Official. This seminar will cover reviews, creation, and amending policy and procedure. After completing this course, a HIPAA Security and Privacy Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations.
Areas Covered in the Session:
• Why was HIPAA created?
• The Role and Responsibilities of the HIPAA Security and Privacy Official
• Complying with HIPAA Requirements?
• What are the HIPAA Security and Privacy Rules?
• What is a HIPAA Compliance Program?
• What is a HIPAA Risk Management Plan?
• What is meant by "Required" and "Addressable" Implementation Specifications?
• What are Administrative, Technical, and Physical Safeguards Requirements?
• Developing Policies and Procedures - Practical Exercise
• What is a HIPAA Risk Assessment?
• Risk Assessment - Practical Exercise
• What are HIPAA training requirements?
• What is a HIPAA data breach and what happens if it occurs?
• What are the penalties and fines for non-compliance and how to avoid them?
• Helping a HIPAA Security and Privacy Official create a culture of compliance
• Q&A
Who will benefit:
• Compliance Officer
• HIPAA Privacy Officer
• HIPAA Security Officer
• Medical/Dental Office Managers
• Practice Managers
• Practice Owners
• Information Systems Manager
• Chief Information Officer
• General Counsel/lawyer
• Practice Management Consultants
Agenda:
Day 1 Schedule
Lecture 1:
• What is HIPAA, HITECH & the Omnibus Rule
• The Role and Responsibilities of the HIPAA Security & Privacy Official Job Descriptions
Lecture 2:
• Privacy Rule Requirements
• Reviewing Notice of Privacy Practices (NPP)
• Authorized and Permitted Disclosures
• Marketing in a HIPAA compliant world
Lecture 3:
• Security Rule Requirements
• Administrative, Technical, and Physical Safeguards
• How to Perform HIPAA Risk Assessments
Lecture 4:
• Risk Assessment - Practical Exercise
Day 2 Schedule
Lecture 1:
• Review of Risk Assessment Practical Exercise
• Remediation and Required Follow Up
Lecture 2:
• What is a HIPAA Risk Management Plan
• Developing Policy and Procedure
• Reviewing Policy and Procedure
Lecture 3:
• Policy and Procedure - Practical Exercise
Lecture 4:
• Review Policy and Procedure Practical Exercise
• Summary & Closing Remarks
• Q&A
Speaker:
Jay Hodes
President and Founder, Colington Security Consulting, LLC

Jay Hodes is a leading expert in HIPAA compliance and President of Colington Consulting. His company provides HIPAA consulting services for healthcare providers and business associates. Mr. Hodes has over 30 years of combined experience in risk assessments, site security evaluation, regulatory compliance, policy and procedures assessments, and Federal law enforcement management. He is the former Assistant Inspector General for Investigations at the U.S. Department of Health and Human Services.
Mr. Hodes has been the keynote speaker and provided presentations regarding HIPAA compliance to many professional healthcare organizations. He has published over 35 educational articles regarding HIPAA compliance, been featured in Part B News articles, the Report on Patient Privacy, provided a guest post in the Electronic Health Reporter, and provided advice on HIPAA compliance to Renal & Urology News and the Virtru.com blog.
Mr. Hodes is a member of member of the American Institute of Healthcare Compliance, Healthcare Information and Management Systems Society, American Society for Industrial Security, Metro Collaborative, the Practice Man