The Next Few Things To Immediately Do About Hipaa Training for Compliance Officer

It will also address major changes under the Omnibus Rule and any other applicable updates.

This 6-hour seminar will be addressing how practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2018.

Areas also covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT.
The primary goal is to ensure everyone is well educated on what is myth and what is reality with this law, there is so much misleading information regarding the do’s and don’ts with HIPAA -I want to add clarity for compliance officers and what you guys need to do and how to best implement your HIPAA program based on over 18 years of personal experience working with Federal auditors, state auditors, and corporate auditors.

We will go through multiple scenarios that are commonly faced by compliance officers and how to manage these situations
I will also speak to real life litigated cases I have worked where HIPAA is being used to justify state cases of negligence -THIS IS BECOMING A HUGE RISK!

In addition, this course will cover the highest risk factors for being sued as well as being audited (these two items tend to go hand in hand).

Why you need to know 

Do you have an affective HIPAA compliance program?  Do you know what needs to be done to satisfy the requirements?
New laws, funding, and enforcement mean increased risk for both business associates and covered entities – 2017 was a record year for enforcement and fines – 2018 will be no different.

HIPAA Omnibus – Do you know what’s involved and what you need to do?

What does Omnibus mean for covered entities and business associates?

Why should you be concerned?

Court cases that are changing the landscape of HIPAA and patient’s ability to sue!

TRIAL ATTORNEYS ARE MORE DANGEROUS THAN THE FEDERAL GOVERNMENT!!

It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates.  You need to know how to avoid being low hanging fruit in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT or internal administrative practices.

About the Intructor 

Brian L Tuttle, CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified Business Resilience Auditor (CBRA) with over 15 years’ experience in Health IT and Compliance Consulting. Mr. Tuttle has worked all of those 15 years with MAG Mutual Healthcare Solutions and is now Senior Compliance Consultant and IT Manager with InGauge Healthcare Solutions (previously named MAG Mutual Healthcare Solutions). Almost all of Brian’s clients are earned by referral with little or no advertising. Brian is well known and highly regarded in medical circles throughout the United States .

For more to continue reading

Easy Ways You Can Turn Hipaa Compliant Into Success

The materials will discuss IT security in the context of an overall organization security program including the value and approach of an IT security vulnerability test.

The first presentation explains the history of HIPAA, why it came into being and its evolution. This covers what HIPAA is, what steps have to be performed to be HIPAA compliant and what HIPAA compliance is.  It also provides definitions to key HIPAA terms, how to define a Business Associate and how to contract with Business Associates.

The second part of the first presentation is an overview of how to manage the HIPAA compliance project.

The second session describes what a Risk Assessment is and how to perform the risk assessment. The materials take the participant through the factors of HIPAA compliance and how to perform a HIPAA Risk Assessment. This encompasses taking the participants through how to do a HIPAA Privacy Risk Assessment, how to do a HIPAA Security Assessment and how to interpret the results, set priorities and develop a plan for addressing the Risk Assessment findings.

The third session takes the participants through how to prepare a set of HIPAA Policies and Procedures. This includes how to reference the HIPAA regulations in preparing the policies and procedures, how to reference the prior HIPAA Risk Assessments and how to prepare the HIPAA training materials.

The fourth session provides the participants with an orientation of the role the IT services in the healthcare organization in addressing the organization’s HIPAA compliance. This encompasses understanding what role IT hardware and software plays in the HIPAA compliance process, what responsibilities IT vendors should have and how to work with vendors. The materials will discuss IT security in the context of an overall organization security program including the value and approach of an IT security vulnerability test.

 

In the last session participants will review what a HIPAA breach is and what to do when a HIPAA breach occurs. This includes determining if a notification occurred, notification requirements and mitigation options.

There will be a wrap up and discussion session providing an opportunity for the participants to discuss specific issues they may have or get direction regarding particular approaches for HIPAA compliance.

The need for HIPAA compliance has evolved since the HIPAA laws were passed in 1996. In addition, as technology has advanced into more use of the internet and web-based hardware and software resources, compliance has also become more difficult and complex.

Now both covered entities (providers of health care services) and their business associates (support vendors) have to implement comparable compliance measures.

Breaches are almost impossible to escape – recent studies show that approximately 90% of covered entities and business associates have had at least one breach of a patient’s protected health information.  And, HIPAA federal penalties can be significant.

Compounding the issue is that almost all states have incorporated the HIPAA regulations, in one form or another, into their state health care privacy laws and/or the courts have accepted the HIPAA regulations as the standard of care for protecting a patient’s health information.

It is important for the health care organization to know what is expected by the regulations.

To satisfy your HIPAA compliance requirements, health care management and staff need to understand the HIPAA privacy and security regulations, understand how to assess your health care organization’s HIPAA compliance status, understand the role of each of the members of your workforce in meeting your compliance requirements and know what to do if there is a breach of your patient health data.

This webinar provides an in-depth review of these subjects and leaves the participant with a solid understanding of what has to be done to be HIPAA compliant.

People who will be benefits from this

  • Health Care Organization Ownership and Senior Management
  • Office Management
  • Business Associates
  • Physicians
  • Ancillary Service Organizations (Pharmacies, Labs, Radiology)
  • HIPAA Compliance Professions
  • Health Care System Vendors

A guide to practical Risk Management [ISO14971 and IEC62304]

Risk management being a mandatory component of almost any activity in the medical device industry.

Gaps, incorrect or incomplete implementation of safety functionality can delay or make the certification/approval of medical products impossible. Most activities cannot be retroactively performed since they are closely linked into the development lifecycle. Diligent, complete and correct implementation of risk management from the start of product development is therefore imperative. This course will introduce all necessary steps to design, implement and test critical medical devices in a regulatory compliant environment. This course will additionally address the software risk management and the resulting interfaces to device level risk management.

management

To comprehensively summarize all risk related activities and to demonstrate the safe properties of a device the ‘Safety Case’ or ‘Assurance Case’ document is a well-established method to collect all safety related information together in one place. This documentation will most likely become mandatory for all devices (currently only required for FDA infusion pump submissions). This course will introduce the basic concepts and content of safety assurance cases and will illustrate the usefulness for internal and external review of safety related information.

Risk management with emphasis on the application of risk management principles and requirements to the medical device development cycle. Risk management has become the method of choice to ensure an effective and safety oriented device development. International consensus, reflected in globally applicable standard requirements, has led to risk management being a mandatory component of almost any activity in the medical device industry.

The course will emphasize the implementation of risk management into the development and maintenance process. It will use real-life examples and proven tips and tricks to make the application of risk management a practical and beneficial undertaking. This seminar will address the system level issues of risk management as well as the increasingly important software and usability related issues of critical systems. It will help to comply with regulatory requirements with minimized overhead and resource burden. To make the combines effort to design, implement and verify a safe device transparent the concept of an assurance case will be introduced.

The course is mainly based on international consensus requirements such as ISO14971, IEC62366 and IEC62304. It will cover European (MDD), US (FDA) and international risk management requirements from a regulatory and practitioner’s perspective.

Following personnel will benefit from the course:

  • Senior quality managers
  • Quality professionals
  • Regulatory professionals
  • Compliance professionals
  • Project managers
  • Design engineers
  • Software engineers
  • Process owners
  • Quality engineers
  • Quality auditors
  • Medical affairs
  • Legal Professionals

How to interpret and use more than just a standard tool-box

Metrology: QC Sampling Plans the statistical analysis of measurement uncertainty, and how it is used to establish QC specifications.

How to apply statistics to manage risks and verify/validate processes in R&D, QA/QC, and Manufacturing, with examples derived mainly from the medical device design/manufacturing industry. The flow of topics over the 2 days is as follows:

  • ISO standards and FDA/MDD regulations regarding the use of statistics.
  • Basic vocabulary and concepts, including distributions such as binomial, hypergeometric, and Normal, and transformations into Normality.
  • Statistical Process Control
  • Statistical methods for Design Verification
  • Statistical methods for Product/Process Qualification
  • Metrology: QC Sampling Plans the statistical analysis of measurement uncertainty, and how it is used to establish QC specifications
  • How to craft “statistically valid conclusion statements” (e.g., for reports)
  • Summary recommendations

The various statistical methods used to support such activities can be intimidating. If used incorrectly or inappropriately, statistical methods can result in new products being launched that should have been kept in R&D; or, conversely, new products not being launched that, if analyzed correctly, would have met all requirements. In QC, mistakenly chosen sample sizes and inappropriate statistical methods may result in purchased product being rejected that should have passed, and vice-versa.

This provides a practical approach to understanding how to interpret and use more than just a standard tool-box of statistical methods; topics include: Confidence intervals, t-tests, Normal K-tables, Normality tests, Confidence/reliability calculations, Reliability plotting (for extremely non-normal data), AQL sampling plans, Metrology (i.e., statistical analysis of measurement uncertainty ), and Statistical Process Control. Without a clear understanding and correct implementation of such methods, a company risks not only significantly increasing its complaint rates, scrap rates, and time-to-market, but also risks significantly reducing its product and service quality, its customer satisfaction levels, and its profit margins.

  • FDA, ISO 9001/13485, and MDD requirements related to statistical methods
  • How to apply statistical methods to manage product-related risks to patient, doctor, and the designing/manufacturing company
  • Design Control processes (verification, validation, risk management, design input)
  • QA/QC processes (sampling plans, monitoring of validated processes, setting of QC specifications, evaluation of measurement equipment)
  • Manufacturing processes (process validation, equipment qualification)

product-development-process-e1395175968927

  • QA/QC Supervisor
  • Process Engineer
  • Manufacturing Engineer
  • QC/QC Technician
  • Manufacturing Technician
  • R&D Engineer

Dont skip this with out reading fully

Environmental, Health and Safety (EHS) Management and Audit

EHS.gif

An environmental, health and safety (EHS) management and audit program is now a prerequisite for organizations in various kinds of business. Allied to the emergence of and developing along with the concepts of worker safety and corporate social responsibility; the environmental, health and safety audit is today a major component of an organization. Organizations that need visibility and are desirous of earning a good name should make the environmental, health and safety management and audit a part of their culture.

The practice of companies auditing their environmental, health and safety (EHS) began in the 1970’s, almost contemporaneously with the enactment of OSHA. Around that time, the environmental issue was gaining ground in the corporate circles of the West with the governments and other agencies pitching in with their efforts to create greater awareness of the impact of business activities on the environment. As a result, the thinking that the top management of an organization needs to be viewing this issue more seriously started to develop and got ingrained over the years.

Cannot be glossed over
environmental-health-and-safety-management-and-auditAs a result of various legislations on the issue of environmental safety; the role of the Board of Governors became central in ensuring this aspect of the business. Environmental health and safety was no longer something that needed to be administered superficially, but in formal and designated ways, more specifically in the form of an audit. In order to incentivize corporate entities to implement environmental health and safety (EHS) management and audit; the trend started moving towards making these activities carry value addition to the organization.

Environmental health and safety management and audit is now a more formalized activity that needs to be carried out in a proper, set and well-defined manner. The processes that go into the EHS management and audit are clearly laid out in the form of standards such as the ISO 14001 standard, which is essentially an Environmental Management System (EMS) audit. To strengthen and enrich the audit activity and round it better; a few related and parallel standards such as the relevant parts of the 9000 family of standards, which deals with quality management, and 18000 series audits can be carried out with ease to supplement the environmental, health and safety audit.

Role of environmental health and safety (EHS) management and audit
environmental-health-and-safety-management-and-auditEnvironmental health and safety (EHS) management and audit have now evolved into being a practice that is coupled with and fused into many business-related activities. The practice now is to make an environmental health and safety management and audit an inseparable part of the Quality Management System. Environmental health and safety (EHS) management and audit audits are now a sure means to ensure that the organization has a reputation for corporate social responsibility by implementing this audit.

Aspects of an environmental health and safety management and auditThe aim of environmental health and safety management and audit is to instill the EHS right from the top management down to the line level employee. A properly carried out EHS management and audit system should ideally take these factors into consideration:

environmental-health-and-safety-management-and-audit

Click to Continue Reading

200+ followers. WOWWWWWW…

followed- 200

Hello Everyone,

Today we have the pleasure of celebrating the fact that we have reached the milestone of 200+ followers on WordPress. Since we started this blog, we have had such a great time connecting with everyone.  we never expected to actually to connect with other people in the blogging community.

we are so incredibly thankful for each and every one of you who follows and comments on my blog posts. Please know that!

we would continue our blogging in these areas FDA Regulation, Medical Devices, Drugs and Biologics, Healthcare Compliance, Biotechnology, Clinical Research, Laboratory Compliance, Quality Management ,HIPAA Compliance ,OSHA Compliance, Risk Management, Trade and Logistics Compliance ,Banking and Financial Services, Auditing/Accounting & Tax, Packaging and Labeling, SOX Compliance, Environmental Compliance, Microsoft Excel Spreadsheet, Geology and Mining, Human Resources Compliance, Food Safety Compliance and etc.

Get more articlehttps://www.globalcompliancepanel.com/freeresources/resource-directory

Please follow us on

Facebook – https://www.facebook.com/TrainingsAtGlobalCompliancePanel

Twitter – https://twitter.com/gcpanel

LinkedIn – https://www.linkedin.com/company/10519587/admin/updates/

Business Process Management in Healthcare helps reduce inefficiencies

What are the components of a Financial Audit Program1

For many years before the advent of automation and computerization ,healthcare processes, such as billing, admissions, and many elements of care were carried out manually. Although it was a capable method to quite an extent, it relied on the use of the manual process or the human method. This was always prone to mistakes and errors, because humans are prone to committing errors that can creep in even with the best of intentions, as a result of which the healthcare industry ended up losing billions of dollars that could otherwise have gone into meaningful forms of investment.

A result of technological developments

This is why Business Process Management (BPM) in Healthcare came into existence with the advent of and as a byproduct of automation. Business process management in healthcare is being considered a major step in helping healthcare settings reduce costs and inefficiencies. When a unit implements business process management in healthcare; there is an automatic reduction in errors and inefficiencies. Let us see how:

Impetus from the higher authorities

insurance in crystal ball, Life insurance concept

There is now a general tendency and effort to push for automation in the healthcare industry. Even the American Congress has been aggressively pushing for reforms in the healthcare industry, a prime feature of which is fostering business process management in healthcare. Overall, BPM in healthcare is a means for improving efficiencies throughout the healthcare chain and bringing about greater integration and accountability through automation.

Core areas of business process management in healthcare

Business process management in healthcare is useful across the healthcare process chain, but is particularly so in at least there important areas:

Billing:This is one of the prime areas in which business process management in healthcare can make a huge difference. With complete automation of this critical area of business, healthcare units ensure that there is total coordination and traceability of the billing process.

Software:Apart from billing, another area in which business process management in healthcare helps tremendously is software. Software applications can bring about a huge change in the speed of operations. This area of BPM in healthcare reduces the need for human intervention at various stages of the business process.

Big data:Another of the areas in which business process management in healthcare holds huge promise is big data. Big data can help to make sense of various data used in healthcare administration and disease management across entire geographies. This makes the role of business process management in healthcare all the more meaningful and exciting.

 

Click to Continue Reading