• September 23 - Omnibus Celebration 
• October 21 - Top 5 Compliance tools 
• November 13 - Human Resources issues for today's medical practitioner 
855.85HIPAA 
www.compliancygroup.com 
Industry leading Education 
Certified Partner Program 
For Today 
• Please ask questions 
• Today's Slides http://compliancy-group.com/slides023/ 
• Upcoming & Past webinars: 
http://compliancy-group.com/webinar/ 
Get Involved 
#cgwebinar
HIPAA MYTHS: HOW MUCH DO YOU KNOW? 
COMMON MYTHS DEBUNKED & EXPLAINED 
Matthew Fisher, Esq. 
Mirick O’Connell DeMallie & Lougee, LLP
WHAT IS HIPAA? 
§ Need brief introduction first 
§ May begin to answer myths, but always useful 
to have basic background
HIPAA: OVERVIEW 
§ Many implications, but most important are regulating 
privacy and security of protected health information 
(PHI) 
• Privacy – addresses use and disclosure 
• Security – addresses storage and transmission 
n Consider statute and implementing regulations 
¨ 1996 - Originally enacted 
¨ 2009 - Significantly modified by HITECH 
¨ 2013 - Final Rule implementing HITECH published
HIPAA: WHO IS SUBJECT? 
§ Covered Entities 
• Health Care Providers (meeting certain conditions) 
• Health Insurers 
• Health Care Clearinghouses 
§ Business Associates 
• Any entity that assists with or performs functions for a 
covered entity for any activity regulated by HIPAA 
• Very broad (e.g. law firms) 
§ Subcontractors of Business Associates
HIPAA: WHAT DOES IT COVER? 
§ “Protected Health Information” or “PHI” 
§ Term of art defined by statute and regulations 
§ If not PHI, then not covered by HIPAA
HIPAA: PRIVACY RULE 
§ General Purpose – regulates “use” and 
“disclosure” of PHI by “covered entities” and 
“business associates” 
• Allows for certain, limited uses and disclosures without 
requiring authorization 
• Others require notice to and/or authorization from the 
patient 
§ Imposes numerous compliance requirements on 
entities (e.g. tracking, reporting, training)
HIPAA: SECURITY RULE 
§ General purpose – creates 
standard security measures for 
the protection of PHI that is 
created, received, used or 
maintained by covered entity 
§ Includes various technical 
requirements and specifications
HIPAA: BREACH NOTIFICATION RULE 
§ General purpose - requires notification if a 
“breach” of PHI occurs 
• Applies to a breach by any entity handling PHI 
• Final rule claimed to create an objective standard, but 
still has subjective elements 
• Presumption of a breach, breaching entity must prove 
why notification is not needed 
§ Increasing exposure to enforcement actions by 
Office for Civil Rights (OCR)
THE MYTHS
GENERAL MYTHS
MYTH #1 
§ Healthcare providers are prevented from sharing 
protected health information with a patient’s 
family members and caregivers.
MYTH #1 EXPLANATION 
§ FICTION 
§ Providers are permitted to share information with 
family members and caregivers in certain 
circumstances 
§ Patient can impact through specific authorization 
or denial
MYTH #2 
§ Only a patient or the patient’s personal 
representative may obtain a copy of that 
patient’s medical record.
MYTH #2 EXPLAINED 
§ FICTION 
§ Many permissible uses and disclosures 
§ Do not always need permission
MYTH #3 
§ HIPAA prevents providers and patients from 
communicating by email.
MYTH #3 EXPLAINED 
§ FICTION 
§ Any information may be sent by email 
§ May need to implement certain protections 
§ Providers should send as instructed by patient
MYTH #4 
§ Providers are 
obligated to 
provide a 
patient their 
entire medical 
record upon 
request.
MYTH #4 EXPLAINED 
§ FICTION 
§ Certain parts of a record may be exempt from 
disclosure – often mental health information 
§ State law may influence – must be reviewed in 
addition to HIPAA
MYTH #5 
§ HIPAA protects all protected health information 
no matter who is in possession of it.
MYTH #5 EXPLAINED 
§ FICTION 
§ Only “covered entities” and their “business 
associates” must comply with HIPAA 
§ Context in which protected health information is 
held important for determining obligations
MYTH #6 
§ HIPAA obligates providers to correct any errors 
that may be in an individual’s medical record.
MYTH #6 EXPLAINED 
§ FICTION 
§ Individuals have the right to request 
amendments 
§ Request does not guarantee change will be 
made
MYTH #7 
§ Your medical records will not impact your credit 
score or credit generally.
MYTH #7 EXPLAINED 
§ Partial FACT 
§ The record itself does not impact an individual’s 
credit 
§ However, failure to pay for medical treatments 
can be reported to credit agencies
MYTH #8 
§ Protected health information cannot be sold or 
used for marketing.
MYTH #8 EXPLAINED 
§ Partially FACT 
§ HIPAA limits when protected health information 
can be used for marketing purposes without 
authorization 
§ However, de-identified data is not subject to 
restrictions 
§ Certain, limited marketing also allowed as of 
right
MYTH #9 
§ HIPAA requires patients to 
consent to the sharing of 
protected health information by 
providers.
MYTH #9 EXPLAINED 
§ FICTION 
§ Uses and disclosures for “treatment” purposes 
are allowed without requiring an individual’s 
consent 
§ Transfers between providers occur without 
patient involvement
MYTH #10 
§ HIPAA prevents an individual’s family member 
from picking up the patient’s prescriptions.
MYTH #10 EXPLAINED 
§ FICTION 
§ A family member can pick up prescriptions, 
medical supplies, x-rays and other similar forms 
of protected health information 
§ Allowed if provider determines it is in patient’s best 
interests
MYTH #11 
§ Patients can sue providers for HIPAA violations.
MYTH #11 EXPLAINED 
§ FICTION 
§ There is no private right of action under HIPAA 
§ Only the federal or state government can sue to 
enforce HIPAA
BUSINESS ASSOCIATE MYTHS
MYTH #12 
§ A healthcare 
provider or 
covered entity 
can never be 
a business 
associate to 
another 
covered entity.
MYTH #12 EXPLAINED 
§ FICTION 
§ Need to evaluate what function is being 
performed 
§ For healthcare services, exempted 
§ If performing billing, data analysis, data storage or 
other functions, can be a business associate 
§ Review definition
MYTH #13 
§ A cloud data storage company is not a business 
associate because all the company does is store 
my information.
MYTH #13 EXPLAINED 
§ FICTION 
§ The Omnibus Rule changed the rules and 
expanded who is a business associate 
§ Entities that maintain protected information are 
business associates 
§ Determination is not about access 
§ Only “conduits” outside requirements
MYTH #14 
§ I’ve been using a new business associate 
agreement for all arrangements since 
September 23, 2013, I’m all set and do not need 
to review any previously existing agreements.
MYTH #14 EXPLAINED 
§ FICTION 
§ Primary compliance date was September 23, 
2013 
§ BUT, then current agreements need to be 
replaced by September 22, 2014 
§ Review now to ensure all business associate 
agreements conform to new requirements
MYTH #15 
§ A covered entity must get every business 
associate to sign a business associate 
agreement.
MYTH #15 EXPLAINED 
§ FACT, but . . . 
§ Regulations require covered entity to have 
business associate sign 
§ What if business associate refuses? 
§ Arguably can make reasonable efforts 
§ Business associate’s status not driven by 
agreement, but regulatory definition
MYTH #16 
§ Now that business associates may be directly 
liable for breaches, covered entities are off the 
hook.
MYTH #16 EXPLAINED 
§ FICTION 
§ Even if a business associate is the cause of a 
breach, a covered entity’s patients are still harmed 
§ Covered entities also have obligations to review 
and oversee actions of business associates
HEALTH IT RELATED MYTHS
MYTH #17 
§ HIPAA will control and regulate all mobile health 
apps.
MYTH #17 EXPLAINED 
§ FICTION 
§ Never forget, context determines when HIPAA 
applies 
§ How will a mobile health app be used? 
§ Who is collecting the data and why?
MYTH #18 
§ A covered entity has a bring your own device 
policy in place, all concerns have been 
addressed.
MYTH #18 EXPLAINED 
§ FICTION 
§ When was the BYOD policy prepared and what 
is in it? 
§ Have all circumstances been addressed? 
§ Pay attention to New York and Presbyterian 
Hospital and Columbia University settlement
MYTH #19 
§ Small practices are less complex than larger 
organizations and do not have the same security 
concerns, so a risk analysis is not necessary.
MYTH #19 EXPLAINED 
§ FICTION 
§ Conducting a risk analysis is a required element 
under the Security Rule 
§ No exceptions 
§ Necessary to help with development and 
implementation of security policies 
§ Once not enough either
ONE FINAL MYTH
MYTH #20 
§ HIPAA can be used as an excuse to deny 
access to information or otherwise restrict what 
individuals may do.
MYTH #20 EXPLAINED 
§ FICTION 
§ Oftentimes, HIPAA is improperly cited as a 
reason to deny a request 
§ Examples: 
• Parent cannot accompany their children 
• Visitors must leave a hospital room after a certain 
time 
• Offices cannot announce patient names in the waiting 
room
QUESTIONS?
The Guard: 
• Intelligent web based solution designed by auditors. 
• Used by over 1,000 Covered Entities and Business Associates 
• Quickly and cost-effectively Achieve, Illustrate and Maintain 
HIPAA, HITECH, and Omnibus Compliance. 
• HIPAA Audit Guarantee 
Features 
• Training, Policy & Procedure Templates Included 
• Business Associate Management 
• Document & Version Control 
• Training & Attestations Tracking 
• HIPAA Coaches to Assist every step of the way 
www.compliancy-group.com 
855.85HIPAA (855.854.4722) 
HIPAA Education Series sponsored by:
CONTACT INFORMATION 
Matthew Fisher 
Mirick O’Connell 
100 Front Street 
Worcester, MA 01608 
(508) 791-8500 
mfisher@mirickoconnell.com 
@matt_r_fisher

More Related Content

What's hot

HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for DevelopersTrueVault
 
HIPAA Training by Greater Baltimore Medical Center
HIPAA Training by Greater Baltimore Medical CenterHIPAA Training by Greater Baltimore Medical Center
HIPAA Training by Greater Baltimore Medical CenterAtlantic Training, LLC.
 
2017 HIPAA Clinical Research Training
2017 HIPAA Clinical Research Training2017 HIPAA Clinical Research Training
2017 HIPAA Clinical Research TrainingCynthia Holland
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceJim Anfield
 
Hipaa101 updated
Hipaa101 updatedHipaa101 updated
Hipaa101 updatedkkurapat
 
HIPAA Rules and Action Steps for Compliance April 2013
HIPAA Rules and Action Steps for Compliance April 2013HIPAA Rules and Action Steps for Compliance April 2013
HIPAA Rules and Action Steps for Compliance April 2013Quarles & Brady
 
Web hipaa hitech and privacy
Web hipaa hitech and privacyWeb hipaa hitech and privacy
Web hipaa hitech and privacyCarol Buckmann
 
The Health Insurance Portability and Accountability Act 
The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act 
The Health Insurance Portability and Accountability Act Kartheek Kein
 

What's hot (15)

HIPAA and How it Applies to You
HIPAA and How it Applies to YouHIPAA and How it Applies to You
HIPAA and How it Applies to You
 
The Basics of HIPAA
The Basics of HIPAA The Basics of HIPAA
The Basics of HIPAA
 
Red7 Medical Identity Security and Data Protection
Red7 Medical Identity Security and Data ProtectionRed7 Medical Identity Security and Data Protection
Red7 Medical Identity Security and Data Protection
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
 
HIPAA Training by Greater Baltimore Medical Center
HIPAA Training by Greater Baltimore Medical CenterHIPAA Training by Greater Baltimore Medical Center
HIPAA Training by Greater Baltimore Medical Center
 
HIPAA Complaince
HIPAA ComplainceHIPAA Complaince
HIPAA Complaince
 
2017 HIPAA Clinical Research Training
2017 HIPAA Clinical Research Training2017 HIPAA Clinical Research Training
2017 HIPAA Clinical Research Training
 
What You Don’t Know About the HIPAA Security Rule
What You Don’t Know About the HIPAA Security RuleWhat You Don’t Know About the HIPAA Security Rule
What You Don’t Know About the HIPAA Security Rule
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA Compliance
 
Hipaa
HipaaHipaa
Hipaa
 
HIPAA Audio Presentation
HIPAA  Audio PresentationHIPAA  Audio Presentation
HIPAA Audio Presentation
 
Hipaa101 updated
Hipaa101 updatedHipaa101 updated
Hipaa101 updated
 
HIPAA Rules and Action Steps for Compliance April 2013
HIPAA Rules and Action Steps for Compliance April 2013HIPAA Rules and Action Steps for Compliance April 2013
HIPAA Rules and Action Steps for Compliance April 2013
 
Web hipaa hitech and privacy
Web hipaa hitech and privacyWeb hipaa hitech and privacy
Web hipaa hitech and privacy
 
The Health Insurance Portability and Accountability Act 
The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act 
The Health Insurance Portability and Accountability Act 
 

Similar to HIPAA Myths Debunked Webinar

HIPAA in the Public Cloud: The Rules Have Been Set - RightScale Compute 2013
HIPAA in the Public Cloud: The Rules Have Been Set - RightScale Compute 2013HIPAA in the Public Cloud: The Rules Have Been Set - RightScale Compute 2013
HIPAA in the Public Cloud: The Rules Have Been Set - RightScale Compute 2013RightScale
 
2013 06-21 HIPPA omnibus rule
2013 06-21 HIPPA omnibus rule2013 06-21 HIPPA omnibus rule
2013 06-21 HIPPA omnibus ruleDusaElraha
 
Medical Device Industry - Government Investigations
Medical Device Industry - Government Investigations  Medical Device Industry - Government Investigations
Medical Device Industry - Government Investigations Rachel Hamilton
 
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement:  What’s Importan...How to Effectively Negotiate a Business Associate Agreement:  What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...Compliancy Group
 
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...Compliancy Group
 
HIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival GuideHIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival Guidebenefitexpress
 
HIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowHIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowShred-it
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightScale
 
Keeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor ManagementKeeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor ManagementPaige Rasid
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPAtlantic Training, LLC.
 
Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptxQmcleod
 
Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptxQmcleod
 
Meeting the HIPAA Privacy Requirements
Meeting the HIPAA Privacy RequirementsMeeting the HIPAA Privacy Requirements
Meeting the HIPAA Privacy Requirementsbenefitexpress
 
Confidentiality of Information
Confidentiality of InformationConfidentiality of Information
Confidentiality of Informationrrevels57
 
Mha690 brittany koenig week 1 assignment2
Mha690 brittany koenig week 1 assignment2Mha690 brittany koenig week 1 assignment2
Mha690 brittany koenig week 1 assignment2bkoenig2010
 
Mha690 brittany koenig week 1 assignment2
Mha690 brittany koenig week 1 assignment2Mha690 brittany koenig week 1 assignment2
Mha690 brittany koenig week 1 assignment2bkoenig2010
 
Data Security and Privacy Practices
Data Security and Privacy PracticesData Security and Privacy Practices
Data Security and Privacy PracticesSpringfield Clinic
 
Keys To HIPAA Compliance
Keys To HIPAA ComplianceKeys To HIPAA Compliance
Keys To HIPAA ComplianceCBIZ, Inc.
 

Similar to HIPAA Myths Debunked Webinar (20)

HIPAA in the Public Cloud: The Rules Have Been Set - RightScale Compute 2013
HIPAA in the Public Cloud: The Rules Have Been Set - RightScale Compute 2013HIPAA in the Public Cloud: The Rules Have Been Set - RightScale Compute 2013
HIPAA in the Public Cloud: The Rules Have Been Set - RightScale Compute 2013
 
2013 06-21 HIPPA omnibus rule
2013 06-21 HIPPA omnibus rule2013 06-21 HIPPA omnibus rule
2013 06-21 HIPPA omnibus rule
 
HNI U: HIPAA Essentials
HNI U: HIPAA EssentialsHNI U: HIPAA Essentials
HNI U: HIPAA Essentials
 
Medical Device Industry - Government Investigations
Medical Device Industry - Government Investigations  Medical Device Industry - Government Investigations
Medical Device Industry - Government Investigations
 
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement:  What’s Importan...How to Effectively Negotiate a Business Associate Agreement:  What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
 
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
 
HIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival GuideHIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival Guide
 
HIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowHIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to know
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloud
 
Mha 690 week 1 dq 2
Mha 690 week 1 dq 2Mha 690 week 1 dq 2
Mha 690 week 1 dq 2
 
Keeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor ManagementKeeping Control: Data Security and Vendor Management
Keeping Control: Data Security and Vendor Management
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUP
 
Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptx
 
Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptx
 
Meeting the HIPAA Privacy Requirements
Meeting the HIPAA Privacy RequirementsMeeting the HIPAA Privacy Requirements
Meeting the HIPAA Privacy Requirements
 
Confidentiality of Information
Confidentiality of InformationConfidentiality of Information
Confidentiality of Information
 
Mha690 brittany koenig week 1 assignment2
Mha690 brittany koenig week 1 assignment2Mha690 brittany koenig week 1 assignment2
Mha690 brittany koenig week 1 assignment2
 
Mha690 brittany koenig week 1 assignment2
Mha690 brittany koenig week 1 assignment2Mha690 brittany koenig week 1 assignment2
Mha690 brittany koenig week 1 assignment2
 
Data Security and Privacy Practices
Data Security and Privacy PracticesData Security and Privacy Practices
Data Security and Privacy Practices
 
Keys To HIPAA Compliance
Keys To HIPAA ComplianceKeys To HIPAA Compliance
Keys To HIPAA Compliance
 

More from Compliancy Group

HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016Compliancy Group
 
How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud Compliancy Group
 
HIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowHIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowCompliancy Group
 
How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsCompliancy Group
 
Preparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practicePreparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practiceCompliancy Group
 
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...Compliancy Group
 
How to Survive a HIPAA Audit
How to Survive a HIPAA AuditHow to Survive a HIPAA Audit
How to Survive a HIPAA AuditCompliancy Group
 
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...Compliancy Group
 
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceWhy a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceCompliancy Group
 
The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeCompliancy Group
 
What you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityWhat you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityCompliancy Group
 
Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Compliancy Group
 
Is Your EHR Safe? New Technologies for Auditing
Is Your EHR Safe? New Technologies for AuditingIs Your EHR Safe? New Technologies for Auditing
Is Your EHR Safe? New Technologies for AuditingCompliancy Group
 
Business Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicBusiness Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicCompliancy Group
 
Surving a HIPAA Audit Infographic
Surving a HIPAA Audit InfographicSurving a HIPAA Audit Infographic
Surving a HIPAA Audit InfographicCompliancy Group
 
Cyber & Privacy Risk Infographic
Cyber & Privacy Risk InfographicCyber & Privacy Risk Infographic
Cyber & Privacy Risk InfographicCompliancy Group
 
Surviving a HIPAA Audit: Five Crucial Steps
Surviving a HIPAA Audit: Five Crucial Steps Surviving a HIPAA Audit: Five Crucial Steps
Surviving a HIPAA Audit: Five Crucial Steps Compliancy Group
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Compliancy Group
 
HIPAA Breach: Did You Know?
HIPAA Breach: Did You Know?HIPAA Breach: Did You Know?
HIPAA Breach: Did You Know?Compliancy Group
 

More from Compliancy Group (20)

HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016
 
How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud
 
HIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowHIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to know
 
How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 audits
 
Preparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practicePreparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practice
 
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
 
How to Survive a HIPAA Audit
How to Survive a HIPAA AuditHow to Survive a HIPAA Audit
How to Survive a HIPAA Audit
 
Meaningful Use vs HIPAA
Meaningful Use vs HIPAAMeaningful Use vs HIPAA
Meaningful Use vs HIPAA
 
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
 
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceWhy a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA Compliance
 
The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challenge
 
What you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityWhat you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperability
 
Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10
 
Is Your EHR Safe? New Technologies for Auditing
Is Your EHR Safe? New Technologies for AuditingIs Your EHR Safe? New Technologies for Auditing
Is Your EHR Safe? New Technologies for Auditing
 
Business Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicBusiness Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance Infographic
 
Surving a HIPAA Audit Infographic
Surving a HIPAA Audit InfographicSurving a HIPAA Audit Infographic
Surving a HIPAA Audit Infographic
 
Cyber & Privacy Risk Infographic
Cyber & Privacy Risk InfographicCyber & Privacy Risk Infographic
Cyber & Privacy Risk Infographic
 
Surviving a HIPAA Audit: Five Crucial Steps
Surviving a HIPAA Audit: Five Crucial Steps Surviving a HIPAA Audit: Five Crucial Steps
Surviving a HIPAA Audit: Five Crucial Steps
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...
 
HIPAA Breach: Did You Know?
HIPAA Breach: Did You Know?HIPAA Breach: Did You Know?
HIPAA Breach: Did You Know?
 

Recently uploaded

Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...High Profile Call Girls Chandigarh Aarushi
 
Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service Mohali
Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service MohaliCall Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service Mohali
Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service MohaliHigh Profile Call Girls Chandigarh Aarushi
 
Call Girls Hyderabad Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Hyderabad Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Hyderabad Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Hyderabad Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
❤️♀️@ Jaipur Call Girl Agency ❤️♀️@ Manjeet Russian Call Girls Service in Jai...
❤️♀️@ Jaipur Call Girl Agency ❤️♀️@ Manjeet Russian Call Girls Service in Jai...❤️♀️@ Jaipur Call Girl Agency ❤️♀️@ Manjeet Russian Call Girls Service in Jai...
❤️♀️@ Jaipur Call Girl Agency ❤️♀️@ Manjeet Russian Call Girls Service in Jai...Gfnyt.com
 
HIPAA Myths Debunked Webinar

  • 1. • September 23 - Omnibus Celebration • October 21 - Top 5 Compliance tools • November 13 - Human Resources issues for today's medical practitioner 855.85HIPAA www.compliancygroup.com Industry leading Education Certified Partner Program For Today • Please ask questions • Today's Slides http://compliancy-group.com/slides023/ • Upcoming & Past webinars: http://compliancy-group.com/webinar/ Get Involved #cgwebinar
  • 2. HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED Matthew Fisher, Esq. Mirick O’Connell DeMallie & Lougee, LLP
  • 3. WHAT IS HIPAA? § Need brief introduction first § May begin to answer myths, but always useful to have basic background
  • 4. HIPAA: OVERVIEW § Many implications, but most important are regulating privacy and security of protected health information (PHI) • Privacy – addresses use and disclosure • Security – addresses storage and transmission § Consider statute and implementing regulations • 1996 - Originally enacted • 2009 - Significantly modified by HITECH • 2013 - Final Rule implementing HITECH published
  • 5. HIPAA: WHO IS SUBJECT? § Covered Entities • Health Care Providers (meeting certain conditions) • Health Insurers • Health Care Clearinghouses § Business Associates • Any entity that assists with or performs functions for a covered entity for any activity regulated by HIPAA • Very broad (e.g. law firms) § Subcontractors of Business Associates
  • 6. HIPAA: WHAT DOES IT COVER? § “Protected Health Information” or “PHI” § Term of art defined by statute and regulations § If not PHI, then not covered by HIPAA
  • 7. HIPAA: PRIVACY RULE § General Purpose – regulates “use” and “disclosure” of PHI by “covered entities” and “business associates” • Allows for certain, limited uses and disclosures without requiring authorization • Others require notice to and/or authorization from the patient § Imposes numerous compliance requirements on entities (e.g. tracking, reporting, training)
  • 8. HIPAA: SECURITY RULE § General purpose – creates standard security measures for the protection of PHI that is created, received, used or maintained by covered entity § Includes various technical requirements and specifications
  • 9. HIPAA: BREACH NOTIFICATION RULE § General purpose - requires notification if a “breach” of PHI occurs • Applies to a breach by any entity handling PHI • Final rule claimed to create an objective standard, but still has subjective elements • Presumption of a breach, breaching entity must prove why notification is not needed § Increasing exposure to enforcement actions by Office of Civil Rights (OCR)
  • 12. MYTH #1 § Healthcare providers are prevented from sharing protected health information with a patient’s family members and caregivers.
  • 13. MYTH #1 EXPLANATION § FICTION § Providers are permitted to share information with family members and caregivers in certain circumstances § Patient can impact through specific authorization or denial
  • 14. MYTH #2 § Only a patient or the patient’s personal representative may obtain a copy of that patient’s medical record.
  • 15. MYTH #2 EXPLAINED § FICTION § Many permissible uses and disclosures § Do not always need permission
  • 16. MYTH #3 § HIPAA prevents providers and patients from communicating by email.
  • 17. MYTH #3 EXPLAINED § FICTION § Any information may be sent by email § May need to implement certain protections § Providers should send as instructed by patient
  • 18. MYTH #4 § Providers are obligated to provide a patient their entire medical record upon request.
  • 19. MYTH #4 EXPLAINED § FICTION § Certain parts of a record may be exempt from disclosure – often mental health information § State law may influence – must be reviewed in addition to HIPAA
  • 20. MYTH #5 § HIPAA protects all protected health information no matter who is in possession of it.
  • 21. MYTH #5 EXPLAINED § FICTION § Only “covered entities” and their “business associates” must comply with HIPAA § Context in which protected health information is held important for determining obligations
  • 22. MYTH #6 § HIPAA obligates providers to correct any errors that may be in an individual’s medical record.
  • 23. MYTH #6 EXPLAINED § FICTION § Individuals have the right to request amendments § Request does not guarantee change will be made
  • 24. MYTH #7 § Your medical records will not impact your credit score or credit generally.
  • 25. MYTH #7 EXPLAINED § Partial FACT § The record itself does not impact an individual’s credit § However, failure to pay for medical treatments can be reported to credit agencies
  • 26. MYTH #8 § Protected health information cannot be sold or used for marketing.
  • 27. MYTH #8 EXPLAINED § Partially FACT § HIPAA limits when protected health information can be used for marketing purposes without authorization § However, de-identified data is not subject to restrictions § Certain, limited marketing also allowed as of right
  • 28. MYTH #9 § HIPAA requires patients to consent to the sharing of protected health information by providers.
  • 29. MYTH #9 EXPLAINED § FICTION § Uses and disclosures for “treatment” purposes are allowed without requiring an individual’s consent § Transfers between providers occur without patient involvement
  • 30. MYTH #10 § HIPAA prevents an individual’s family member from picking up the patient’s prescriptions.
  • 31. MYTH #10 EXPLAINED § FICTION § A family member can pick up prescriptions, medical supplies, x-rays and other similar forms of protected health information § Allowed if provider determines it is in patient’s best interests
  • 32. MYTH #11 § Patients can sue providers for HIPAA violations.
  • 33. MYTH #11 EXPLAINED § FICTION § There is no private right of action under HIPAA § Only the federal or state government can sue to enforce HIPAA
  • 35. MYTH #12 § A healthcare provider or covered entity can never be a business associate to another covered entity.
  • 36. MYTH #12 EXPLAINED § FICTION § Need to evaluate what function is being performed § For healthcare services, exempted § If perform billing, data analysis, data storage or other functions can be a business associate § Review definition
  • 37. MYTH #13 § A cloud data storage company is not a business associate because all the company does is store my information.
  • 38. MYTH #13 EXPLAINED § FICTION § The Omnibus Rule changed the rules and expanded who is a business associate § Entities that maintain protected information are business associates § Determination is not about access § Only “conduits” outside requirements
  • 39. MYTH #14 § I’ve been using a new business associate agreement for all arrangements since September 23, 2013, I’m all set and do not need to review any previously existing agreements.
  • 40. MYTH #14 EXPLAINED § FICTION § Primary compliance date was September 23, 2013 § BUT, then current agreements need to be replaced by September 22, 2014 § Review now to ensure all business associate agreements conform to new requirements
  • 41. MYTH #15 § A covered entity must get every business associate to sign a business associate agreement.
  • 42. MYTH #15 EXPLAINED § FACT, but . . . § Regulations require covered entity to have business associate sign § What if business associate refuses? § Arguably can make reasonable efforts § Business associate’s status not driven by agreement, but regulatory definition
  • 43. MYTH #16 § Now that business associates may be directly liable for breaches, covered entities are off the hook.
  • 44. MYTH #16 EXPLAINED § FICTION § Even if a business associate is the cause of a breach, a covered entity’s patients are still harmed § Covered entities also have obligations to review and oversee actions of business associates
  • 46. MYTH #17 § HIPAA will control and regulate all mobile health apps.
  • 47. MYTH #17 EXPLAINED § FICTION § Never forget, context determines when HIPAA applies § How will a mobile health app be used § Who is collecting the data and why
  • 48. MYTH #18 § A covered entity has a bring your own device policy in place, all concerns have been addressed.
  • 49. MYTH #18 EXPLAINED § FICTION § When was the BYOD policy prepared and what is in it? § Have all circumstances been addressed? § Pay attention to New York and Presbyterian Hospital and Columbia University settlement
  • 50. MYTH #19 § Small practices are less complex than larger organizations and do not have the same security concerns, so a risk analysis is not necessary.
  • 51. MYTH #19 EXPLAINED § FICTION § Conducting a risk analysis is a required element under the Security Rule § No exceptions § Necessary to help with development and implementation of security policies § Once not enough either
  • 53. MYTH #20 § HIPAA can be used as an excuse to deny access to information or otherwise restrict what individuals may do.
  • 54. MYTH #20 EXPLAINED § FICTION § Oftentimes, HIPAA is improperly cited as a reason to deny a request § Examples: • Parent cannot accompany their children • Visitors must leave a hospital room after a certain time • Offices cannot announce patient names in the waiting room
  • 56. The Guard: • Intelligent web based solution designed by auditors. • Used by over 1,000 Covered Entities and Business Associates • Quickly and cost-effectively Achieve, Illustrate and Maintain HIPAA, HITECH, and Omnibus Compliance. • HIPAA Audit Guarantee Features • Training, Policy & Procedure Templates Included • Business Associate Management • Document & Version Control • Training & Attestations Tracking • HIPAA Coaches to Assist every step of the way www.compliancy-group.com 855.85 HIPAA (855.854.4722) HIPAA Education Series sponsored by:
  • 57. CONTACT INFORMATION Matthew Fisher Mirick O’Connell 100 Front Street Worcester, MA 01608 (508) 791-8500 mfisher@mirickoconnell.com @matt_r_fisher