Information Protection: Access, Disclosure, Archival, Privacy and Security
Medical devices are part of the Internet of Things (IoT). They are a threat to patient privacy and, now, patient safety. The Department of Health and Human Services and the Healthcare Industry Cybersecurity Task Force have agreed medical devices are a primary threat vector for malicious cybersecurity attackers and unintended malware incidents like NotPetya and WannaCry. It’s not if you will be breached, it’s when. Have you prepared?
Join this session and learn CMS's “Top 5 Threats” and “10 Best Practices” targeted to mitigate specific cybersecurity threats for your facility. The session uses easy-to-understand terminology, and participants are provided the Best Practice guidelines, which include templates and toolkits. This HHS publication is now referenced in proposed Congressional legislation as a means by which organizations can substantially mitigate the penalties of a breach.
In this session, we will discuss: What is Privacy Risk? How does the Privacy Framework support the HIPAA Privacy Rule? How can healthcare organizations of all sizes leverage this new tool? What is the model & how are methodologies used? What does Risk Mitigation look like?
Learn about the OCR and its responsibilities, review recent OCR Enforcement Actions, analyze recent Resolution Agreements and Civil Money Penalties, identify the “takeaways” from the OCR Enforcement Actions, and conduct an activity applying the lessons learned from the OCR Enforcement Actions.
This presentation engages attendees in an essential conversation regarding the recent court ruling on the misuse of patient-directed record requests. In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an order on January 23, 2020 that invalidates provisions of the 2013 Omnibus Rule to the Health Information Portability and Accessibility Act (“HIPAA”) and 2016 guidance issued by United States Department of Health and Human Services Office (“HHS”) on the fees that may be assessed to patients for copies of medical records. Attendees will take home advice on how to operationalize the new ruling, and learn how the ruling impacts provider organizations, third-party requesters, and the healthcare industry in general.
Attendees will learn more about AHIMA’s advocacy agenda for 2020. Members will gain an in-depth understanding of AHIMA’s ongoing advocacy and public policy efforts on Capitol Hill and within the federal agencies.
The LHIMA Privacy and Security Webinar Series is designed to answer the latest privacy and security questions in the HIM industry. The series is sponsored by MRO. Privacy expert Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, Vice President of Privacy, Compliance and HIM Policy for MRO, will be the presenter for our five pre-recorded webinars and will host the final live webinar to answer your follow-up questions.
This live session will offer a platform for LHIMA members to address questions about the content delivered in the 5-part webinar series that covered the topics of OCR audits, patient access, telehealth, building a privacy program, information security and problems on the horizon. Privacy expert Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, Vice President of Privacy, Compliance and HIM Policy for MRO, will be live on the line to answer all your questions about the previously covered topics, in addition to any other hot topics submitted for discussion.
This webinar will cover the updates on Administration and Enforcement of the HIPAA Privacy, Security, and Breach Notification Rules from the U.S. Dept. of Health & Human Services – Office for Civil Rights (OCR). The presentation will cover updates to policy, breach notification, enforcement and audits.
This presentation will discuss the current environment and statistics related to healthcare breaches, review the need for Covered Entities and Business Associates to develop sophisticated incident response plans, shed light on best practices for assembling an incident response team, review critical steps for the first 24 hours following a breach, discuss communications strategies for patient notification, and outline various approaches for specific incident types.
This presentation will review the targeted voluntary recommendations produced by our Joint Cybersecurity Workgroup. It will also introduce Framework terms to start educating health sector professionals on important and generally accepted cybersecurity terms.
Healthcare organizations attempt to meet 100 percent compliance with all regulatory requirements mandated by law. Unfortunately, this does not always ensure effective security. Others focus on technical cybersecurity solutions, addressing the threat du jour. Similarly, this will not guarantee compliance. Many attempt both, but without effective coordination these too fail. The increasing attacks on our health industry demand that we develop a more coordinated defense. But integrating and automating the operations of today’s HIM, privacy, information security, compliance, and cybersecurity departments is complex and resource intensive. Some healthcare institutions are turning to a category of software designed to align these departments’ objectives: Governance, Risk and Compliance (GRC).