Session 1: Role of HIPAA Privacy Officer: Compliance and Responsibilities | 60 Mins
While the basic provisions of privacy for protected health information are well known, their application in today’s healthcare world is complex – so much so the HIPAA laws require a Privacy Officer for your health care organization as a covered entity. HIPAA’s many security rules regarding protected health information first involve the person designated as a Privacy Officer. These federal requirements extend not only to covered entities but to business associates of covered entities.
What is the difference between a HIPAA Compliance Officer, a Privacy Officer, and a Security Officer? Can the health care entity combine functions and job duties? Are these three separate jobs, or are they three jobs in one? The current trend requires the covered entity to stay on top of continuing changes to HIPAA and a growing responsibility, expanded job duties, and a greater time and resource demands focused on patient confidentiality and digital security by the Privacy Officer.
This session of the module covers the job responsibilities of the Privacy Officer, the intended qualifications, and tips and techniques for carrying out these increasing privacy functions.
Session Outline:
Session 2: E-Mailing, Texting, And The Use Of Personal Devices By Health Care Professionals | 60 Mins
The ability to text or e-mail health care practitioners and other staff and patients has become a priority for many health care entities and practitioners, especially solo health care practitioners with limited support staff. Maintaining patient privacy and confidentiality is necessary to make sure covered entities meet compliance standards of HIPAA and state licensure laws.
Although e-mailing and texting are convenient for the health care practitioner and patient, these communication methods have security risks and inherent pitfalls. Implementing e-mail and text solutions in the health care setting is a complex issue and several factors must be addressed.
This session will help attendees erase the fear, uncertainty, and doubt about exactly how a health care practitioner may use modern texting and e-mail, both within their own health care organization or facility and to the outside world of patients. Find out how these communications may or may not be required to be retained by the health care practitioner.
This session will help understand the fundamental aspects of HIPAA privacy regulations, establishing a strong foundation for understanding the intricate world of healthcare data security. We'll explore the core principles of HIPAA and its relevance in today's digital age, particularly in the context of electronic communications. We'll also provide real-world examples showcasing how state licensure laws can impact the handling of protected health information.
Additionally, we'll break down the essential components of privacy notices and effective communication practices with patients, ensuring compliance with HIPAA's stringent guidelines. As a bonus, we'll touch on the importance of implementing confidentiality and privacy disclaimers on healthcare practitioners' websites, especially for those managing their online presence.
Session Outline:
Session 3: HIPAA Privacy Exceptions: State Licensure Boards and Investigations | 60 Mins
This part of the module discusses HIPAA requirements then diverts to a review of state licensure laws that allow state investigative agencies to exploit HIPAA exceptions for various law enforcement purposes.
During the session we’ll reviews core privacy requirements of HIPAA then covers in detail the ways state licensure boards and agencies use the authority of state law to cover HIPAA exceptions and gain access to your patient records. This session shows how state agencies use state law in concert with HIPAA exceptions to conduct government-lead investigations.
These exceptions can also be used by federal agencies in the same way.
This session will help you gain a firm understanding of how state law authorizes state licensure boards and agencies to use HIPAA exceptions to gain access to your patients’ protected health information when you are under investigation. Know the state authority under its police powers to protect the health, welfare, moral, and safety of the public in various health care context.
Session Outline:
Session: 4: Remote Patient Monitoring on the Internet of Things: HIPAA Security Rules for Telemedicine Practices | 60 Mins
Remote patient monitoring, often termed remote patient management, involves the collection of a broad spectrum of patient health data, from vital signs like blood pressure and heart rate to advanced metrics like glucose levels and pulse oximetry. These technologies are part of the Internet of Things (IoT), where electronic devices connect to central systems for data analysis and interpretation.
However, this interconnected landscape also introduces new security risks. Patient monitoring can be continuous, happening 24/7, which amplifies the need for robust safeguards to protect patient data.
In this session, we'll not only explore the evolving IoT landscape but also delve into broader examples of personal security infringements, from electronic stalking to tracking criminal activity using geolocation data from fitness devices.
Our aim is to dispel any uncertainties surrounding the utilization of modern remote patient monitoring within a telemedicine practice while ensuring compliance with HIPAA's stringent security regulations. We will provide insights on how healthcare practitioners can fulfill these mandates, ensuring patient confidentiality remains intact in this fast-evolving digital healthcare era.
This session will help attendees gain a comprehensive understanding of the evolving world of remote patient monitoring and IoT in healthcare, equipping you with the knowledge to navigate HIPAA's security rules effectively and with confidence.
Session Outline:
Session 5: Navigating Hospital Liability for Employee HIPAA Violations in the Age of Social Media | 60 Mins
This advanced webinar delves into the critical issue of social media violations committed by employees within healthcare facilities, specifically focusing on hospitals. It addresses the pivotal question of when and how a healthcare facility, such as a hospital, may be held accountable for HIPAA violations committed by its own staff members. This discussion is pertinent to various healthcare institutions beyond hospitals.
The goal of this session is to dispel any uncertainties surrounding a hospital's potential liability for its employees' HIPAA breaches and to clarify whether such misconduct falls within the scope of their employment, consequently making the hospital financially liable.
In this session we will examine two distinct state court cases that revolve around hospital employees' HIPAA violations, shedding light on how their outcomes can significantly differ. While addressing HIPAA privacy basics for hospitals and employees, we'll also explore established social media regulations and present glaring instances of HIPAA breaches resulting from reckless social media activities.
Furthermore, this session provides an in-depth analysis of the divergent outcomes in recent state court cases concerning hospital liability for employee HIPAA violations related to social media usage. By delving into these cases, we aim to illustrate how one hospital escaped liability while another did not.
Session Outline: