HIPAA Survival - All you need to Know 2017

Overview: This seminar will be addressing how practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2017. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT.
The primary goal is to ensure everyone is well educated on what is myth and what is reality with this law, there is so much misleading information all over regarding the do's and don'ts with HIPAA - I want to add clarity for compliance officers
I will uncover myths versus reality as it relates to this very enigmatic law based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors.
I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you).
In addition, this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures.
Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required.
Why should you attend? - What does Omnibus mean for covered entities and business associates?
Why should you be concerned?
Court cases that are changing the landscape of HIPAA and patient's ability to sue.
It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to what we need to do as compliance officers. You need to know how to avoid being low hanging fruit in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT or internal administrative practices.
Areas Covered in the Session:
• History of HIPAA
• HITECH
• HIPAA Omnibus Rule
• How to perform a HIPAA Security Risk Assessment
• What is involved in a Federal audit and how is it conducted
• Risk factors for a federal audit
• EHR and HIPAA
• Business Continuity/Disaster Recovery Planning
• Business Associates and HIPAA
• In depth discussions on IT down to the nuts and bolts
• BYOD
• Risk factors that can cause an audit (low hanging fruit)
• New rules which grant states ability to sue citing HIPAA on behalf of a patient
• New funding measures
• ....much, much more
Who will benefit:
• Practice Managers
• Compliance Officers, and any business associates privy to private health information and under the auspices of this law.
Agenda:
Day 1 Schedule
Lecture 1:
HIPAA -History
Lecture 2:
HIPAA Privacy Rule vs HIPAA Security Rule
Lecture 3:
HITECH Act
Lecture 4:
Information Technology
Lecture 5:
Breach Notification Rule
Lecture 6:
Omnibus Rule
Lecture 7:
Business Associates
Lecture 8:
Current Court Cases (precedence)
Lecture 9:
Paper Based PHI Concerns
Lecture 10:
Disaster Recovery Concerns (Paper)
Lecture 11:
Psych and Infectious Disease
Day 2 Schedule
Lecture 1:
Choosing a HIPAA Consultant
Lecture 2:
Choosing an IT Group
Lecture 3:
Disaster Recovery Concerns (Electronic)
Lecture 4:
Physical Setup
________________________________________
Lecture 5:
Overseas Outsourcing
Lecture 6:
BYOD
Lecture 7:
Texting and Emailing
Lecture 8:
What the Feds are Looking For (low hanging fruit)
Lecture 9:
What are Factors That Can Get Your Practice Audited
Lecture 10:
State Laws and Patient Ability to Sue
Lecture 11:
How to Conduct a Risk Assessment
Lecture 12:
How to Write Policies and Procedures

Speaker:
Brian L Tuttle
Sr Compliance Consultant & IT Manager, InGauge Healthcare Solutions

Brian L Tuttle, CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP
Brian L Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 17 years' experience in Health IT and Compliance Consulting.
With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 17 years' experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securi