Published by Heidi Goodheart
Modified about 1 year ago
© Clearwater Compliance LLC | All Rights Reserved
Copyright Notice. All materials contained within this document are protected by United States copyright law and may not be reproduced, distributed, transmitted, displayed, published, or broadcast without the prior, express written permission of Clearwater Compliance LLC. You may not alter or remove any copyright or other notice from copies of this content. For reprint permission and information, please direct your inquiry to
Legal Disclaimer. This information does not constitute legal advice and is for educational purposes only. This information is based on current federal law and subject to change based on changes in federal law or subsequent interpretative guidance. Since this information is based on federal law, it must be modified to reflect state law where that state law is more stringent than the federal law or other state law exceptions apply. This information is intended to be a general information resource regarding the matters covered, and may not be tailored to your specific circumstance. YOU SHOULD EVALUATE ALL INFORMATION, OPINIONS AND ADVICE PROVIDED HEREIN IN CONSULTATION WITH YOUR LEGAL OR OTHER ADVISOR, AS APPROPRIATE. The existence of a link or organizational reference in any of the following materials should not be assumed as an endorsement by Clearwater Compliance LLC.
HIPAA Compliance BootCamp™ Wrap Up
Bob Chaput or Clearwater Compliance LLC
Expert Instructors
- Gregory J. Ehardt, JD, LL.M., HIPAA/Assistant Compliance Officer - HCA, Adjunct Professor, Office of General Counsel, Idaho State University
- Bob Chaput, CISSP, CIPP/US, CHP, CHSS, CEO, Clearwater Compliance
- Elizabeth Warren, Esq., Partner, Bass, Berry & Sims, PLC
- Mary Chaput, MBA, HCISPP, CIPP/US, CHP, CFO & Chief Compliance Officer, Clearwater Compliance
- Meredith Phillips, MHSA, CHC, CHPC, Chief Information Privacy & Security Officer, Henry Ford Health System
- David Finn, CISA, CISM, CRISC, Health IT Officer, Symantec Corporation
Clearwater HIPAA Mentor™
All Clearwater HIPAA Compliance BootCamp™ Attendees
30 Day Access, from today!
Clearwater Expert | Phone | GoToMeeting
Contact: Bob Chaput – – I’ll assist you or connect you with an Expert
Our Overarching Mission
Avoid the following…
1. Complaint
2. Breach Notice
3. SAG HITECH Action
4. FTC Action
5. Whistleblower
6. State Action (e.g., DHCS)
7. OCR Audit
Balanced Compliance Program: Four Critical Dimensions
Clearwater Compliance Compass™
- Policy defines an organization’s values & expected behaviors; establishes “good faith” intent.
- People must include talented privacy & security & technical staff, engaged and supportive management, and trained/aware colleagues following PnPs.
- Procedures or processes, documented, provide the actions required to deliver on the organization’s values.
- Safeguards include the various families of administrative, physical or technical security controls (including “guards, guns, and gates”, encryption, firewalls, anti-malware, intrusion detection, incident management tools, etc.).
9 Actions to Take Now
Demonstrate Good Faith Effort!
1. Set Privacy and Security Risk Management & Governance Program in place (45 CFR § (a)(1))
2. Develop & Implement comprehensive HIPAA Privacy and Security and Breach Notification Policies & Procedures (45 CFR § and 45 CFR § )
3. Train all Members of Your Workforce (45 CFR § (b) and 45 CFR § (a)(5))
4. Complete a HIPAA Security Risk Analysis (45 CFR § (a)(1)(ii)(A))
5. Complete a HIPAA Security Evaluation (= compliance assessment) (45 CFR § (a)(8))
6. Complete Technical Testing of Your Environment (45 CFR § (a)(8))
7. Implement a Strong, Proactive Business Associate / Management Program (45 CFR § (e) and 45 CFR § (b))
8. Complete Privacy Rule and Breach Rule compliance assessments (45 CFR § and 45 CFR § )
9. Document and act upon a remediation plan
What is Your Organization’s Vision?
- Marketing, Customer Service & Patient Safety Strategy
- HIPAA-HITECH Compliance Project
- Patient/Member Privacy & Security Program
Accretive Share Price & Story
July: Accretive employee’s laptop computer, containing 20 million pieces of information on 23,000 patients, was stolen from the passenger compartment of the employee’s car
- 7/31/2012: $2.5M MN SAG Settlement
- 1/19/2012: MN SAG Suit
- 12/31/2013: FTC Settle.
- 6/13/2013: Class Action Suit
- 03/14/2014: De-Listed NYSE
- 4/2/2013: CEO Replaced
- 8/26/2013: CFO Replaced
- 9/27/2013: $14M Class Settlement
- 01/: Job Cuts
- 4/13/2013: COO Replaced
Supplemental Materials
10-1. HIPAA Privacy Rule Requirements for Business Associates
10-2. HIPAA Security Rule Requirements for Business Associates FINAL
10-3. Special HIPAA Requirements for Group Health Plans and their Sponsors
10-4. Risky Business: How to Conduct a Bona Fide HIPAA Risk Analysis
10-5. HIPAA Compliance | Now Even More Critical for Third Party Administrators
10-6. HIPAA Compliance | Now Even More Critical for Managed Care Organizations