The HIPAA Breach Notification Rule, 45 CFR §§ 164.400-414, requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information. The “American Recovery and Reinvestment Act of 2009” (ARRA), signed into law in 2009, established a tiered civil penalty for HIPAA violations.
Everyone in the healthcare industry knows about HIPAA, which has been in effect since 1996. The goal of the legislation was relatively simple: to safeguard patient health information. The law dictates how entities must protect protected health information (PHI). It also states how PHI may be shared, when it can be shared, and with whom.
To date, even the best healthcare organizations struggle to feel confident that they have covered all the required areas to prevent HIPAA violations from occurring in their organization. The documentation mentions that by initiating proper training and implementing useful monitoring tools, HIPAA violations can be reduced or more readily identified in the workplace. Often there is no clear communication to employees about “what constitutes a HIPAA breach” and how it can be reported in the organization without “fear of retaliation.”
According to a 2014 article in HealthWorks Collective, a full 50% of persons polled rated training and educating staff as their most significant hurdle to HIPAA compliance. In most cases, the complaints center on a lack of qualified personnel to perform the training or a general lack of time in which the training can be completed. The most prominent challenges organizations face coast-to-coast are:
- A lack of effective training
- Little or no monitoring tools or follow-up
- Issues with technology support
Remember, in cases of noncompliance where the covered entity does not satisfactorily resolve the matter, the Office for Civil Rights (OCR) may decide to impose civil money penalties (CMPs) on the covered entity. CMPs for HIPAA violations are determined based on a tiered civil penalty structure. A breach can be very costly to an organization, as well as damaging to its business reputation, if adequate safeguards are not in place.
In this webinar conference, you will take away valuable information that will assist you in creating and maintaining a “culture of compliance” that will train and support your employees in respecting their patients' privacy information.
Advantages of attending the webinar:
A breach is, generally, an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the protected health information.
According to HHS.gov, failure to comply with HIPAA can also result in civil and criminal penalties. If a complaint describes an action that could be a violation of the criminal provision of HIPAA, the Office for Civil Rights (OCR) may refer the complaint to the Department of Justice (DOJ) for investigation.
Administrative Simplification Regulations, face a fine of up to $50,000, as well as imprisonment of up to 1 year. Offenses committed under false pretenses allow penalties to increase to a $100,000 fine, with up to 5 years in prison.
Who Will Benefit:
Physicians, Medical Practice Employees, Hospital, Compliance Officials, Medical Societies, Healthcare training organizations