Any business organization that is involved in creating, receiving, transmitting and maintaining Protected Health Information (PHI) has to comply with the requirements set out in Health Insurance Portability and Accountability Act (HIPAA). Such businesses, called Business Associates, since they carry out these functions on behalf of what are called Covered Entities; are legally obliged to show compliance with the provisions of HIPAA, whose main aim is to protect the privacy and confidentiality of patient information.
So, any Business Associate has to know how to comply with the provisions of HIPAA. Considering that the provisions of HIPAA have undergone major changes from the time of its enactment in 1996 up until 2013; Business Associates often find that showing compliance with the provisions of this legislation is complex. But failing to do so attracts hefty fines and penalties.
Understanding HIPAA provisions is the key to implementation
Although HIPAA implementation appears somewhat intimidating at first glance, in reality, it is not so. It can be implemented with ease and felicity in a manner that meets all the regulatory requirements. How? By breaking down the requirements into separate parts. The ways of taking this very sensible and commonsensical approach to HIPAA implementation by Business Associates and their Covered Entities, will be the subject of a very useful two-day seminar that is being organized by GlobalCompliancePanel, a highly reputed provider of professional trainings in the areas of regulatory compliance.
Taking the right steps to HIPAA implementation
He will, for instance, highlight the role of the social media and how to use the electronic media for staying updated and thus reducing the crucial element of time. He will also highlight the importance of managing risks in HIPAA compliance. This is all the more critical, considering that the Office of Civil Rights (OCR) has found that a shockingly high 94% of Covered Entities failed the Risk Management audit and about 87% failed the Risk Analysis audit. This was despite the fact that every Covered Entity knew well in advance of the upcoming audit, and had filled up a pre-audit questionnaire, which gave them a clear idea of what was to come in terms of the questions that HIPAA inspectors would be asking them, and what documentation were needed from them.
The central aim of this learning session is to help participants understand how Business Associates and Covered Entities can take simple and easy steps to stay compliant, so that they don’t have problems in meeting HIPAA requirements for compliance.
Learning at this highly valuable Areas:
- Thorough Understanding of HIPAA Rules
- What they are
- How they work together
- Why and How they were made
- How they are changing and what to expect next
- HIPAA Risk Analysis – Risk Management for Your Organization
- A Practical Guided Exercise done in class on your computer to take home
- Privacy and Security Rules – Permitted and Required Uses and Disclosures
- What information must be protected
- Administrative, Technical and Physical Safeguards
- Social Media, Texting and Emailing Patients
- The inter-connected, inter-dependent relationship of Covered Entities and Business Associates
- What is, and what is not a Reportable Breach of Unsecured PHI