With the compliance deadline looming, healthcare organizations of all sizes are scrambling to understand their obligations under the final HIPAA Omnibus Rule. The omnibus package substantially modifies the HIPAA privacy, security and enforcement rules. Plus, it spells out new guidelines for assessing whether a security incident is a reportable breach.
Register for this session to gain insights from two of the nation's best-known HIPAA experts: Adam Greene, a former official at the HHS Office for Civil Rights, which enforces HIPAA, and consumer privacy advocate Deven McGraw, a federal adviser who helped craft recommendations that were included in the new regulations.
Key provisions of the rule and how to prepare to comply;
The implications of the new guidance on breach notification;
What the new rule means for business associates and the organizations they serve.
In January, the Department of Health and Human Services issued the long-overdue HIPAA omnibus rule, implementing modifications called for under the HITECH Act.
Figuring out how to comply with the massive new rule is a daunting challenge for hospitals, clinics, health insurers and others that are looking for the best ways to protect patient information.
In this session, you'll hear from two top HIPAA experts: Deven McGraw, a federal adviser who helped craft recommendations that were included in the new regulations, and Adam Greene, a former official at the HHS Office for Civil Rights, which enforces HIPAA.
Among the issues they will analyze are:
Changes in the breach notification rule. Learn how to take a new approach to assessing whether a breach must be reported to federal authorities as well as those affected
New business associate responsibilities. Find out how HIPAA now applies to business associates as well as their subcontractors, and get tips on how to work with BAs on key compliance issues.
HIPAA enforcement changes. Hear an explanation of the new focus on "willful neglect" issues as well as other new enforcement provisions
Marketing restrictions. Gain a better understanding of how the rule restricts the sale of patient information and affects certain marketing activities
Patient access to electronic records. Learn how hospitals, clinics and others must respond to patient requests for electronic copies of their information
Keeping certain treatment data confidential. Find out how healthcare providers must accommodate patients who ask that information about treatment that they paid for out of their own pocket not be shared with their health insurer
former Regulator, U.S. Department of Health and Human Services; Partner, Davis Wright Tremaine LLP
Greene is a partner in the Washington, D.C. office of Davis Wright Tremaine and co-chair of its Health Information Group. He primarily counsels health care providers, technology companies, and financial institutions on compliance with the HIPAA privacy, security, and breach notification rules. Previously, Greene was a regulator at the U.S. Department of Health and Human Services, where he played a fundamental role in administering and enforcing the HIPAA rules. At HHS, he was responsible for determining how HIPAA rules apply to new and emerging health information technologies and was instrumental in the development of the current HIPAA enforcement process. Greene is the Chair of the HIMSS Cloud Security Workgroup and is a frequent speaker and author on health information privacy and security issues.
Former Deputy Director of Health Information Privacy, Department of Health and Human Services' Office of Civil Rights
McGraw was the acting chief privacy officer and deputy director of health information privacy at the Department of Health and Human Services' Office for Civil Rights, which enforces HIPAA. Previously, she was a partner at the law firm Manatt, Phelps & Phillips LLP, where she co-chaired its privacy and data security practice. Earlier, she was director of the health privacy project at the Center for Democracy & Technology, a consumer advocacy group. For six years, McGraw served as an adviser to HHS on health data privacy and security issues. She served on the Health IT Policy Committee, which advises HHS' Office of the National Coordinator for Health IT, and co-led the committee's Privacy and Security Workgroup as well as its Information Exchange Workgroup.