Overview:
HIPAA Compliance has recently seen big changes in how the rules are enforced during the COVID-19 pandemic emergency and for individual access requests, long-overdue changes may be coming to regulations on Accounting of Disclosures of Protected Health Information (PHI), we can expect new rules regarding the HIPAA Notice of Privacy Practices and calling patients' cell phones, and a little-used HIPAA right may become a hot topic if the Affordable Care Act is threatened.
And there have been calls for HIPAA expansions to cover new
technologies and new uses of PHI. There is no shortage of critical
topics for medical offices to respond to, to meet requirements and avoid
penalties.
This session will review the scope of what must be done to stay in
compliance with the HIPAA regulations as individual access comes into
focus both as a right that is vigorously enforced, yet now limited in
some ways by a new Federal court order. Keeping up with these complex
changes is essential to compliance with HIPAA access requirements.
The session will prepare organizations for the impacts of likely rule
changes in areas such as Accounting of Disclosures, the Notice of
Privacy Practices, cell phone communications, and new technologies. New
rules expected for Accounting of Disclosures will be explored and their
expected futures and impacts will be discussed, and impacts of changes
to 42 CFR Part 2 and controls on information relating to substance use
disorders will be explained.
One potential impact is not a HIPAA change, but an increase in the
demand for requests to exert rights to keep treatment secret from health
plans, which could result from changes to the ACA.
This session will help practices prepare for the various changes and
avoid the significant penalties (up to $1.7 million and beyond) for
non-compliance.
Why you should Attend:
The Health Insurance Portability and Accountability Act of 1996 has now
been around for nearly a quarter century, and the regulations have
evolved since the Privacy Rule first became enforceable in 2003. The
recent adjustments, guidance, and allowances associated with the
COVID-19 pandemic have led to new uses of technology that won’t just go
back to the old ways once the emergency is over and regulations are
returned to a non-emergency state.
There have been numerous enforcement settlements, there are new threats
to the privacy and security of patient information, and still more
changes in the rules are expected based on the HITECH Act and goals for
greater patient access rights and integration of care services.
In addition, a recent Federal Court decision has changed the rules for
providing access to patient information under the rules for individual
access of PHI, and new guidance has been issued about the
responsibilities of Business Associates for HIPAA compliance.
This session will look at the current state of HIPAA compliance and
identify expected changes in the rules in the coming year, as well as
examine the focus and results of various HIPAA enforcement actions to
identify areas that deserve your HIPAA Officer’s attention in the coming
year to ensure HIPAA compliance.
This session will provide the HIPAA Officer a review of the current
enforcement actions, audit focus, privacy, security, and breach issues,
and expected regulatory changes in HIPAA, and help the compliance
specialist prepare for a year of HIPAA work including responding to
issues and planning for regular compliance activities.
Areas Covered in the Session:
- Emergency orders during the COVID-19 pandemic allow necessary flexibility but won't last forever
- There may be a change to requirement to Obtain an Acknowledgement of the Receipt of a Notice of Privacy Practices
- There may be a change to rules under TCPA (regarding calling or messaging cell phones)
- Changes to ACA may impact the use of HIPAA rights to limit disclosures
- Guidance has recently been provided on the HIPAA compliance liability of Business Associates
- 42 CFR Part 2 (regarding Substance Use Disorder information) may become better aligned with HIPAA
- There is inadequate coverage under HIPAA for new technologies and
new kinds of patient information technologies, such as contact tracing
Apps
Agenda
- Overview of HIPAA Regulatory Expectations
- New Regulatory Directions
- Rule Modifications and Guidance on the COVID-19 Pandemic
- Overdue Regulatory Action
- Court Ruling Limiting Regulations
- Issues in Individual Access of Records under HIPAA
- New Emphasis on Enforcement of Individual Access Rules
- New Court Ruling Limiting Third-Party Access Requests
- New Limitation of Business Associate Liability for Compliance
- HIPAA Accounting of Disclosures Changes
- Current Accounting of Disclosures Requirements
- Required Changes and Difficulties Implementing Them
- Likely Regulation to be Proposed
- Potential Rules Changes
- Acknowledgement of Receipt of Notice of Privacy Practices
- TCPA and Cell Phone Communications
- Impact of Potential Changes to Affordable Care Act
- Getting Back to Normal After the Pandemic Emergency
- HIPAA Controls and New Technologies
- Difficulty in Managing Privacy
- Calls for HIPAA Expansions
Who Will Benefit:
- CEO
- HIPAA Privacy Officers
- HIPAA Security Officers
- Information Security Officers
- Risk Managers
- Compliance Officers
- Privacy Officers
- Health Information Managers
- Information Technology Managers
- Information Systems Managers
- Medical Office Managers
- Chief Financial Officers
- Systems Managers
- Chief Information Officer
- Healthcare Counsel/lawyer
- Operations Directors