Overview:
HIPAA Compliance has recently seen big changes in how the rules are enforced during the COVID-19 pandemic emergency and for individual access requests, long-overdue changes may be coming to regulations on Accounting of Disclosures of Protected Health Information (PHI), we can expect new rules regarding the HIPAA Notice of Privacy Practices and calling patients' cell phones, and a little-used HIPAA right may become a hot topic if the Affordable Care Act is threatened.
And there have been calls for HIPAA expansions to cover new
technologies and new uses of PHI. There is no shortage of critical
topics for medical offices to respond to, to meet requirements and avoid
penalties.
This session will review the scope of what must be
done to stay in compliance with the HIPAA regulations as individual
access comes into focus both as a right that is vigorously enforced, yet
now limited in some ways by a new Federal court order. Keeping up with
these complex changes is essential to compliance with HIPAA access
requirements.
The session will prepare organizations for the
impacts of likely rule changes in areas such as Accounting of
Disclosures, the Notice of Privacy Practices, cell phone communications,
and new technologies. New rules expected for Accounting of Disclosures
will be explored and their expected futures and impacts will be
discussed, and impacts of changes to 42 CFR Part 2 and controls on
information relating to substance use disorders will be explained.
One
potential impact is not a HIPAA change, but an increase in the demand
for requests to exert rights to keep treatment secret from health plans,
which could result from changes to the ACA.
This session will
help practices prepare for the various changes and avoid the significant
penalties (up to $1.7 million and beyond) for non-compliance.
Why you should Attend:
The Health Insurance Portability and Accountability Act of 1996 has
now been around for nearly a quarter century, and the regulations have
evolved since the Privacy Rule first became enforceable in 2003. The
recent adjustments, guidance, and allowances associated with the
COVID-19 pandemic have led to new uses of technology that won’t just go
back to the old ways once the emergency is over and regulations are
returned to a non-emergency state.
There have been numerous
enforcement settlements, there are new threats to the privacy and
security of patient information, and still more changes in the rules are
expected based on the HITECH Act and goals for greater patient access
rights and integration of care services.
In addition, a recent
Federal Court decision has changed the rules for providing access to
patient information under the rules for individual access of PHI, and
new guidance has been issued about the responsibilities of Business
Associates for HIPAA compliance.
This session will look at the
current state of HIPAA compliance and identify expected changes in the
rules in the coming year, as well as examine the focus and results of
various HIPAA enforcement actions to identify areas that deserve your
HIPAA Officer’s attention in the coming year to ensure HIPAA compliance.
This
session will provide the HIPAA Officer a review of the current
enforcement actions, audit focus, privacy, security, and breach issues,
and expected regulatory changes in HIPAA, and help the compliance
specialist prepare for a year of HIPAA work including responding to
issues and planning for regular compliance activities.
Areas Covered in the Session:
- Emergency orders during the COVID-19 pandemic allow necessary flexibility but won't last forever
- There may be a change to requirement to Obtain an Acknowledgement of the Receipt of a Notice of Privacy Practices
- There may be a change to rules under TCPA (regarding calling or messaging cell phones)
- Changes to ACA may impact the use of HIPAA rights to limit disclosures
- Guidance has recently been provided on the HIPAA compliance liability of Business Associates
- 42 CFR Part 2 (regarding Substance Use Disorder information) may become better aligned with HIPAA
- There
is inadequate coverage under HIPAA for new technologies and new kinds
of patient information technologies, such as contact tracing Apps
Agenda
- Overview of HIPAA Regulatory Expectations
- New Regulatory Directions
- Rule Modifications and Guidance on the COVID-19 Pandemic
- Overdue Regulatory Action
- Court Ruling Limiting Regulations
- Issues in Individual Access of Records under HIPAA
- New Emphasis on Enforcement of Individual Access Rules
- New Court Ruling Limiting Third-Party Access Requests
- New Limitation of Business Associate Liability for Compliance
- HIPAA Accounting of Disclosures Changes
- Current Accounting of Disclosures Requirements
- Required Changes and Difficulties Implementing Them
- Likely Regulation to be Proposed
- Potential Rules Changes
- Acknowledgement of Receipt of Notice of Privacy Practices
- TCPA and Cell Phone Communications
- Impact of Potential Changes to Affordable Care Act
- Getting Back to Normal After the Pandemic Emergency
- HIPAA Controls and New Technologies
- Difficulty in Managing Privacy
- Calls for HIPAA Expansions
Who Will Benefit:
- CEO
- HIPAA Privacy Officers
- HIPAA Security Officers
- Information Security Officers
- Risk Managers
- Compliance Officers
- Privacy Officers
- Health Information Managers
- Information Technology Managers
- Information Systems Managers
- Medical Office Managers
- Chief Financial Officers
- Systems Managers
- Chief Information Officer
- Healthcare Counsel/lawyer
- Operations Directors