• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Webinar or Online Training  on Hipaa 2   what needs to change in policies and procedures
 

Webinar or Online Training on Hipaa 2 what needs to change in policies and procedures

on

  • 262 views

Complianz World is a US based company, and a leading GRC training provider has announced to conduct

Complianz World is a US based company, and a leading GRC training provider has announced to conduct
Webinar & Online Training on
Hipaa 2 what needs to change in policies and procedures

Statistics

Views

Total Views
262
Views on SlideShare
262
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Webinar or Online Training  on Hipaa 2   what needs to change in policies and procedures Webinar or Online Training on Hipaa 2 what needs to change in policies and procedures Presentation Transcript

    • www.complianzworld.com
    •   New rules have finalized the Interim Final Rule on HIPAA Breach Notification, but there has been an important change in how to determine whether or not a breach is reportable. Old policies and processes must be replaced with an updated process meeting the new rule’s requirements no later than September 23, 2013.
    •  HIPAA entities will need to follow the new rules or risk substantial fines and penalties, including multi-year corrective action plans.
    •   HIPAA Breach Notification rules require notification of individuals and HHS when information security is breached, and the rules for determining what to report have changed. The HIPAA Breach Notification Rule required by the HITECH Act within the American Recovery and Reinvestment Act of 2009 requires all HIPAA covered entities and business associates to follow a number of steps to be in compliance.
    •  If there is a breach of protected health information that does not meet one of the strictly defined exceptions or has greater than a “low risk of compromise,” the breach must be reported to the individual, and all such breaches must be reported to the Secretary of the US Department of Health and Human Services at least annually.
    •   There are additional steps to take if the breach affects more than 500 individuals, including media notices and immediate notification of HHS. For every potential breach of PHI, the entity will have to determine if the information breached meets an exception,
    •  or perform a risk assessment considering what the information was, who received it, whether it was actually viewed, and whether or not it was destroyed, and take action to notify the affected individuals if there is greater than a “low probability of compromise.”
    •   Entities must adopt a breach notification policy and procedures to ensure accurate reporting and documentation of breaches, and must take steps to protect information from breaches by using encryption and proper disposal methods meeting Federal standards. Entities must follow the standards and specifications of the HIPAA Security Rule to protect information from breaches and
    •   must negotiate new Business Associate Agreements to include liability for breach notification and requirements for timely reporting to the entity. On top of all this, the landscape of information security threats and breaches is changing dramatically, requiring new kinds of security efforts and consistent application of old safeguards to protect patient information.
    •   What used to be "good enough" is no longer sufficient to properly protect PHI. The HIPAA Breach Notification Rule has been in effect since September 23, 2009 and many organizations are not prepared to respond to a breach of PHI and report and document it properly.
    •   We will discuss the origins of the rule and how it works, including interactions with other HIPAA rules and penalties for violations. HIPAA Covered Entities and Business Associates need to know where and what information they have, so they can know if there has been a breach, and figure out how serious a breach may be and whom to notify if there is a chance of compromise.
    •   Entities can avoid notification if information has been encrypted according to Federal standards. We’ll talk about what information needs to be encrypted the most and how entities are doing it. We will cover the guidance from the US Department of Health and Human Services that shows how to encrypt so as to prevent the need for notification in the event of lost data.
    •   Online compliance Training & webinar on HIPAA 2 - What Needs to Change in Policies and Procedures will discuss how to create the right breach notification policy for your organization and how to follow through when an incident occurs. In addition, a policy framework to help establish good security practices is presented.
    •   We will cover the essentials of information security methods you can use to keep breaches from happening, and be in compliance with the HIPAA Security Rule as well. We'll also discuss the new penalties for non-compliance, including mandatory penalties for "wilful neglect" that begin at $10,000. We will help you understand what isn’t a breach and under what circumstances you don’t have to consider breach notification.
    •  You’ll find out how to report the smaller breaches (less than 500 individuals), as required, within 60 days of the end of each year and you’ll know why you want to avoid a breach involving more than 500 individuals – media notices, Web site notices, and immediate notification of HHS, including posting on the HHS breach notification “wall of shame” on the Web.
    • We will explain, based on historical analysis of reported breaches, what measures must be taken today to protect information from the most common threats, as well as discuss information security trends and explain what kinds of efforts will need to be undertaken in the future to protect the security of PHI.  We will discuss the kinds of threats that exist for PHI and how they're changing as the hackers gain experience and abilities. 
    • Breach Notification Laws  State Breach Notification Laws  Changes to HIPAA  Federal Breach Notification Law and Regulation  The Who, What, and How of Breach Notification
    • Preventing and Preparing for Breaches  Using an Information Security Management Process  Using Risk Analysis and Risk Assessment  Most Common Types of Breaches  Information Security, Incident, and Breach Notification Policies  The Importance of Documentation
    • Enforcement and Audits  New HIPAA Violation Categories and Penalties  Preparing for HIPAA Audits  Case Studies
    • Future Trends and New Threats to Prepare For  History vs. the Future  Why Attack Trends Are Changing  Implications of New Directions in Attacks and Targets
    •             Compliance director CEO CFO Privacy Officer Security Officer Information Systems Manager HIPAA Officer Chief Information Officer Health Information Manager Healthcare Counsel/lawyer Office Manager Contracts Manager
    • Thank you Complianz World is a US based company, and a leading GRC training provider has announced to conduct Webinar or Online Training on HIPAA 2 - What Needs to Change in Policies and Procedures