Live Webinar on : New Rules for HIPAA Business Associates: How the changes to HIPAAcreate new compliance obligations Tuesday, June 19, 2012 duration : 01:00 to 02:30 PM EST Description • The new HIPAA Business Associate rules change the game for HIPAA compliance responsibility. WeGet 15 % Discount as a early bird will discuss how the responsibilities have changedregistrations. Use Promo Key : and how the changes affect both Business Associates CGO15 and Covered Entities. Not only have the rules changed, but also there are new kinds of businesses now covered as HIPAA BAs such as HealthWho will benefit information exchanges, e-prescribing initiatives, patient safety organizations, and now even theThis course is developed for those subcontractors of Business Associates, greatlyinvolved in the manufacture of expanding the pool of entities directly under Federalpharmaceutical and biologic health care regulation.products, components, andpackaging materials. The coursewill be especially useful forpersonnel responsible for: • The new rules require updating all existing Business Associate Agreements (BAAs). We will discuss what goes into a compliant HIPAA Business Manufacturing Associate agreement, including whats required and Regulatory Affairs whats advisable to protect parties in the event of Research and Development breaches. The new regulatory language for HIPAA Quality Assurance & business associates will be explained and discussed. Control How a BA deals with making their contractors BAs Validation under the new rules will be examined, and the chain Development and of Business Associate relationships will be discussed. Preparation of Submission Materials • The new responsibilities for business associates will be explored, as well as the new liabilities for business associates under the rules. In essence, Business Associates are now subject to the same Security Rule safeguards, and restrictions on uses and disclosures
under the Privacy Rule, as Covered Entities, and are equally as responsible for adopting BAAs and equally subject to penalties for violations. • What goes into a compliance plan will be discussedPricing and we will discuss how to develop your compliance plan and how to prepare for a HIPAA audit. Showing your compliance is a matter of showing thatLive ( Single registration ) : $189.00 you have adopted sufficient policies and procedures,Group ( Max 10 Attendee): $249.00 and that you have been using them throughOn Demand (Recording available):$289 documented actions.Get Training CD : $499 • The new HIPAA penalty structure will be discussed, including new criminal penalties for individuals involved with wrongful disclosures, new mandatory penalties for willful neglect of complianceMore Trainings (starting at $10,000 and going up), and the new, four- tier penalty structure and definitions. • The session will provide attendees the following tools, benefits, and solutions: - The audience will learn how business associates are now handled under the law and the proposed regulations and what has changed from the old rules. - The suggested and required content for a compliant business associate agreement will be presented. - Issues of how to assign liability and costs in the event of a breach will be discussed. - Current BAs will learn what they have to do to get their contractors established as their business associates. - BAs will discover the new obligations on them to ensure their clients comply with HIPAA in their dealings with the BA.
- BAs will learn how to be prepared for complianceaudits and avoid the mandatory penalties for willfulneglect of compliance.Areas Covered in the Session:* Learn about the new requirements for HIPAABusiness Associates• Find out what is changing in the regulations forBusiness Associates• Learn how the definition of BA has beensignificantly expanded• Learn what goes into a proper Business AssociateAgreement• Find out about the new, higher enforcementpenalties• Learn about the new violation categories• Learn about being prepared for a HIPAACompliance AuditAgenda:I. Old Ways, New Ways - Changes to the Rules A. Origins of Changes to Business Associate Rules B. New Definitions of Business Associates C. Contractors of Business AssociatesII. New Requirements and Changed Requirements
for HIPAA Business Associates A. HITECH Act Required Capabilities B. Required Amendments to BAAs C. BAA Provisions to Consider D. Transitioning to the New RulesIII. Enforcement and Audits A. New HIPAA Violation Categories B. New HIPAA Penalty Structure C. Preparing for HIPAA AuditsWhy should you attend :In the past, business associates of HIPAA coveredentities were not directly covered under HIPAA andwere required to conduct themselves only accordingto the contract with the covered entity being served.The American Recovery and Reinvestment Act of2009 (ARRA) establishes new requirements forbusiness associates (BAs) who handle the protectedhealth information of covered entities under HIPAA.In addition, Federal Breach Notification requirementsfor health information directly impact therelationship of covered entities, business associates,and their subcontractors.New HIPAA regulations being finalized in 2012 putHIPAA business associates and their subcontractorsdirectly under the HIPAA rules and make themresponsible for the privacy and security of theinformation they handle, as well as liable forviolations under the rules. Now BAs will need to bein compliance with HIPAA Privacy and Securityprotections, and must also treat all their contractors
as BAs as well, meaning that new agreements mustbe established between parties that have not formerlybeen required to have formal agreements, andexisting agreements must be amended. And thebusiness associate definition now is expanded toinclude entities such as health information exchanges,regional health information organizations, and e-prescribing gateways.Under the proposed regulations, specific languagemust be incorporated in all HIPAA BA agreements,and ARRA requires that business associates can besubject to random compliance audits by the USDepartment of Health and Human Services. HIPAAbreach notification requirements enacted in 2009 alsoapply to business associates, which means that allexisting agreements must be examined to ensure thatliability, indemnification, and notification areproperly covered in the agreements.About SpeakerJim Sheldon-Dean is the founder and director ofcompliance services at Lewis Creek Systems, LLC,a Vermont-based consulting firm founded in 1982,providing information privacy and securityregulatory compliance services to a variety ofhealth care providers, businesses, universities,small and large hospitals, urban and rural mentalhealth and social service agencies, health insuranceplans, and health care business associates. Heserves on the HIMSS Information Systems SecurityWorkgroup, has co-chaired the Workgroup forElectronic Data Interchange Privacy and SecurityWorkgroup, and is a recipient of the 2011 WEDIAward of Merit. He is a frequent speakerregarding HIPAA and information privacy andsecurity compliance issues at seminars andconferences, including speaking engagements atAHIMA national and regional conventions andWEDI national conferences, and before the NewYork Metropolitan Chapter of the HealthcareFinancial Management Association, HealthInformation Management Associations of Virginia,New York City, New York State, and Vermont, the
Connecticut Hospital Association, and the Hospital and Health System Association of Pennsylvania. Sheldon-Dean has nearly 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon- Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.https://compliance2go.com/index.php?option=com_training&speakerkey=12&productKey=108 Compliance2go | www.Compliance2go.com Phone : 877.782.4696 | Fax : 281-971-0286 Email : Support@compliance2go.com