Subscribe to Events Feeds

269 Results Found

How to Properly Handle HIPAA Security Incidents and Actual Breaches Webinar By MentorHealth
8/13/2014 10:00 AM - 11:30 AM
online event
Event Listing
Summary:

Overview: The word "breach" in the health care industry, and for those business associates of covered entities, certainly causes alarm when not only have you had your patient's privacy violated, but also now you have to prepare for the financial cost to remedy the breach and think about the possible criminal and civil penalties that you or your organization may have to face.

In addition, because the HITECH Act for the first time now authorizes a federal lawsuit for a HIPAA violation, an aggrieved individual may ask the attorney general of the state in which the violation occurred to sue on his behalf in federal court and recover damages, attorney's fees, and costs. As of the end of August 2011, the Connecticut Attorney General ("AG") had filed two such lawsuits and the Indiana AG had filed one.

In the first one filed, the Connecticut AG obtained a $250,000 settlement from the hospital defendant. Thus, a covered entity now faces the possibility of HIPAA lawsuits in both state and federal courts. Further, with the HITECH Act's expansion of HIPAA civil and criminal liability to business associates, the latter may also be sued in federal court. The Minnesota Attorney General has filed such a lawsuit against a business associate. Isn't it better to know the proper way to handle a breach according to the law?

Learn the difference between security incident reports and reportable breaches and how to handle each properly during this 90-minute seminar. Find out what resources are available to you to help avoid breaches of confidentiality and how your organization can be better prepared for HIPAA compliance regulations

Areas Covered in the Session:

What is a security incident?

What is a breach?

What immediate action should be taken when a breach is suspected?

How to report a breach

How to investigate a breach

How to mitigate the harm of a breach

What breaches must be reported to DHHS and/or to the individuals who are the subject of the breach?

How to report breaches to DHHS and/or to the individuals who are the subject of the breach

How to determine whether disciplinary action is appropriate

How to document security incidents and breaches in a security incident report

Do you need insurance to cover HIPAA breaches?

Who Will Benefit:

HIPAA Compliance Officers

HIPAA Security Officers

HIPAA Privacy Officers, CFOs

CIOs

Medical Records Personnel

Health Information Management Professionals

Health Care Attorneys

Billing Services

Educational Objectives(S)

Upon completion of this activity, participants will be able to:

Discuss the difference between security incident reports and reportable breaches and how to handle each properly.

CME Credit Statement

This activity has been planned and implemented in accordance with the Essential Areas and Policies of the Accreditation Council for Continuing Medical Education (ACCME) through the joint sponsorship of CFMC and MentorHealth. CFMC is accredited by the ACCME to provide continuing medical education for physicians.

CFMC designates this educational activity for a maximum of 1.5 AMA PRA Category 1 Credits™. Physicians should only claim credit commensurate with the extent of their participation in the activity.

Other Healthcare Professionals Credit Statement

This educational activity has been planned and implemented following the administrative and educational design criteria required for certification of health care professions continuing education credits. Registrants attending this activity may submit their certificate along with a copy of the course content to their professional organizations or state licensing agencies for recognition for 1.5 hours.

Disclosure Statement

It is the policy of CFMC and MentorHealth that the faculty discloses real or apparent conflicts of interest relating to the topics of the educational activity. All members of the faculty and planning team have nothing to disclose nor do they have any vested interests or affiliations

#

Obtaining Certificate of Credit

Colorado Foundation for Medical Care (CFMC) hosts an online activity evaluation system, certificate and outcomes measurement process. Following the activity, you must link to CFMC's online site (link below) to complete the evaluation form in order to receive your certificate of credit. Once the evaluation form is complete and submitted, you will be automatically sent a copy of your certificate via email. Please note, participants must attend the entire activity to receive all types of credit. Continuing Education evaluation and request for certificates will be accepted up to 60 days post activity date. CFMC will keep a record of attendance on file for 6 years.

Background :

A number of HIPAA standards require covered entities and now, by virtue of the HITECH Act and the Omnibus Rule, to have policies and procedures to handle HIPAA security incidents, even those that do not result in an actual breach of confidentiality. The largest civil money penalties are reserved for breaches that are not handled properly.

Richard D. Dvorak J.D., is a health care attorney and partner in the law firm of TOMES & DVORAK, CHARTERED, a Kansas City area law firm. The firm has Martindale-Hubbell’s highest rating, AV (“A” is for preeminent in the field of practice and “V” is for highest ethics). After serving eight years in the United States Marine Corps, Richard obtained his law degree from Chicago-Kent College of Law in 1992. He is licensed to practice law in Illinois, Missouri, and Kansas, including various U.S. federal courts. Mr. Dvorak’s extensive litigation experience includes medical malpractice, physician licensure, mental health disability cases, military cases, and criminal cases, among others.

Mr. Dvorak is Vice President of EMR Legal, Inc., a national HIPAA consulting firm, which provides consulting services for clients ranging from a large county government, with eight different health entities that need HIPAA compliance help, to a small transcription service. His specialty is helping covered entities and business associates comply with HIPAA in a cost-effective manner using his extensive technical computer knowledge and business acumen. He and his team have consulted over 1,000 clients in health care regulations since 1998. Mr. Dvorak is also the Vice President of Veterans Press, Inc.—a national publishing company that sells and distributes The Compliance Guide to HIPAA and the DHHS Regulations, soon to be in the 6th edition, an integral part of the HIPAA Compliance Library.

A Design Control Primer
8/13/2014 10:00 AM - 11:00 AM
Online Event Fremont, California United States
Event Listing
Summary:

This webinar will cover the basics of design controls, and provide recommendations for implementation of a compliant design control system. Also discussed will be deisgn control requirements for devices already in distribution. Documentation requirements for each design stage will be included as well.

Lean Startup Circle Asheville
8/13/2014 4:30 PM - 6:30 PM
Mojo Coworking Asheville, North Carolina United States
Event Listing
Summary:

Focused on teaching and talking about Lean Startup principles. Second Wednesday of every month.

How to Get Your Combination Product Approved and onto the US Marketplace
8/14/2014 9:00 AM - 8/15/2014 6:00 PM
WILL BE ANNOUNCED SOON San Francisco, California United States
Event Listing
Summary:

This course provides a comprehensive understanding of the FDA Combination Product system. Participants receive a foundation of knowledge about the FDA Office of Combination Products, the FDA Combination Product system, Combination Product submissions, and the scientific and regulatory principles involved.

How to do a Risk Analysis Webinar By MentorHealth
8/14/2014 10:00 AM - 11:30 AM
online event Fremont, California United States
Event Listing
Summary:

Overview: If you cannot remember the last time your organization performed a HIPAA & HITECH Act Risk Analysis, or if you are unsure if your organization has ever performed a Risk Analysis, then this is the webinar for you. Jonathan P. Tomes will cover how to conduct a risk analysis and how to update it as necessary. Failure to conduct a written risk analysis qualifies as "willful neglect," which carries the highest civil money penalty ("CMP") and which penalty cannot be waived by DHHS as can violations due to a reasonable cause.

Because a risk analysis is a required implementation specification under the Security Rule, failure to do one is willful neglect. And the civil money penalties are not the only sanctions for not doing a risk analysis. The remediation costs for a breach that might have been prevented had a risk analysis been done can be much more than the CMP. Blue Cross Blue Shield of Tennessee not only had to pay the $1.5 million settlement, but also it incurred $17 million in remediation costs-costs that might have been avoided had it done an updated risk analysis.

Why should you attend: The majority of the DHHS civil money penalties and settlements in lieu thereof involve, sometimes with other violations, failure to perform a written risk analysis. These penalties usually are in the seven figure range. Blue Cross Blue Shield of Tennessee, for example, settled for $1.5 million for failing to update its risk analysis when its physical security situation changed. Other seven-figure settlements involved failure to do the required initial risk analysis.

Areas Covered in the Session:

What is risk analysis?

Why do you need to do one?

How to do one

Assemble a good team

Identify assets

Identify risks

Quantify risks

Select reasonable, appropriate, and cost effective security measures

Test and revise security measures

Particular areas to focus on (portable devices, social media, email, and the like)

Case study (will walk webinar attendees through the process)

Questions and answers

Who Will Benefit:

HIPAA compliance Officers

HIPAA Security Officers

HIPAA Privacy Officers

Human Resources Directors

Business Office Managers

Medical Records Personnel

Health Care Attorneys

Patient Accounts Managers

Business Associates

Background :

HIPAA requires a risk analysis of threats to protected health information (“PHI”). Even if risk analysis were not required, one cannot possibly implement reasonable and appropriate security measures to protect PHI without first having completed a risk analysis. If one implements a security measure without conducting a risk analysis, it is just guessing.

And most covered entities and business associates have not completed this most important compliance requirement. The Department of Health and Human Services (“DHHS”) recent audits of covered entities revealed that 47 out of 61 had not conducted a satisfactory risk analysis. This lack of risk analyses is likely because of neglect or failure to understand the need therefore and how to do one.

Jonathan P. Tomes , J.D., is a health care attorney and partner in the law firm of TOMES & DVORAK, CHARTERED. He has written more than 50 books, including The Compliance Guide to HIPAA and the DHHS Regulations, and dozens of articles in the area of HIPAA compliance.

Quality Management Systems Creating Implementing and Improving
8/14/2014 10:00 AM - 11:00 AM
Online Event Fremont, California United States
Event Listing
Summary:

All parts of the Pharmaceutical Quality System should be adequately resourced with competent personnel, and suitable and sufficient premises, equipment and facilities. There are additional legal responsibilities for the holder of the Manufacturing Authorisation and for the Qualified Person(s). The basic concepts of Quality Management, Good Manufacturing Practice and Quality Risk Management are inter-related.

Understanding Combination Products Requests for Designation and Product Jurisdiction
8/14/2014 10:00 AM - 11:00 AM
Online Event Fremont, California United States
Event Listing
Summary:

This webinar will provide a detailed discussion of understanding the definition of a combination product, the categories of combination products, how combination products are reviewed, how to assemble a request for designation (RFD) and how to work with FDA when submitting applications for combination products. To do this it will reference the extensive information provided by FDA's Office of Combination Products.

Perth Starters
8/14/2014 6:00 PM - 9:00 PM
Windsor Hotel, South Perth South Perth Australia
Event Listing
Summary:

We are a group of founders (developers, marketers, business people etc.) who meet weekly to support each other in our efforts to build lean startups using customer development and agile software development.

Hack Night
8/14/2014 6:00 PM - 8:00 PM
9 Elliewood Ave Charlottesville, Virginia United States
Event Listing
Summary:

HackCville's weekly hack night encourages members and curious guests to come work on your projects and learn about projects by other members.

Make Lehigh Valley Open Hack
8/14/2014 6:30 PM - 9:30 PM
Makerspace of Hive 4A Allentown, Pennsylvania United States
Event Listing
Summary:

Open Hack Nights provide an opportunity for folks who are interested in learning more about Make Lehigh Valley and the Hive4A MakerSpace to come on out and join in the fun! FAQ for first-time hackers.

Events Map