Seminar ID: 100634

HIPAA Security Compliance Challenges after the HITECH Act

Presented By:
Jim Sheldon-Dean

Lewis Creek Systems, LLC

You will Learn:

  • About the new requirements to provide patients electronic copies of information held electronically, if they wish.
  • How to respond to patients that want to use plain e-mail to communicate with providers.
  • How to evaluate privacy and security risks and learn what are the factors of risk to be considered.
  • About the change in how to decide whether or not a breach must be reported, and how risk analysis is a key part of it.
  • How to use the misfortune of others who have suffered breaches to avoid those risk issues.

HIPAA Security Rule compliance requires that the risks to privacy and security of Protected Health Information be assessed and managed, but what does that actually mean in day-to-day decisions about how to handle HIPAA compliance questions? How do you decide what to do if the patient wants you to e-mail their health information to them in a plain e-mail message? Looking at the rules and performing a risk analysis helps you understand what to do. What if there's a breach and you need to figure out whether it needs to be reported or not? Risk Analysis is how you make that decision. And the information posted from the reporting of large breaches helps you know what risks are prevalent and must be considered in your overall risk analysis. Understanding risks is essential to making good compliance decisions and in this preview session we will examine some practical applications of risk analysis in HIPAA.