Joseph Borich III – Two-Day HIPAA Conference: Compliance and Training Certificate Program

Outline

DAY ONE

OVERVIEW: PURPOSE & FRAMEWORK OF HIPAA LAW

• Determine who must comply
• Penalties
• Audits
• What to do when state and federal laws contradict
• The government’s civil & criminal enforcement of HIPAA
• HIPAA transaction and code sets rule
• Payment/reimbursement
• Medicare/Medicaid fraud implications

​HIPAA COMPLIANCE: A STEP-BY-STEP GUIDE

• Developing the HIPAA team
• Who owns the medical record: the healthcare facility or the patient?
• Lack of medical necessity
• Record retention and release rules
• Drafting policies, procedures, and consent forms
• How long are you required to retain records?
• Mandatory medical records – how your practice could be affected

WORKSHOP: HIPAA COMPLIANCE MANUAL

• What’s required
• Assemble based on your needs

NEW! SECURITY RULE & STANDARDS OF HIPAA

• Determining who should have access to patient records
• Administrative, Physical, Technical safeguards
• Know what the bad guys are doing and protect yourself!
  • Malware
  • Ransomware
  • Evil social engineering

WORKSHOP: TECHNICAL STANDARDS

• What your IT department may not know
• Learn the technical standards required by NISF

NEW! A.C.A. MACRA, MEANINGFUL USE, PQRS, ICD-10, MEDICARE/MEDICAID RULES OF PARTICIPATION

NEW! PRIVACY RULE & STANDARDS OF HIPAA

NEW COVERED ENTITY: BUSINESS ASSOCIATES

• Analysis of all the rights of the patient and covered entities
• Duties and obligations of the covered entity
  • Business Associate Agreement (BAA) with vendors
  • Chain of Trust Partnership Agreements (CTPAs) for joint covered entity networks
  • Memorandums of Understanding (MOUs)

UPDATED MEDICAL RECORDS LAWS & RULES

• Specialized records
  • Minors
  • Cancer
  • HIV/AIDS
  • Mental health
  • Substance abuse
  • Genetic testing
  • Abortion
  • Elders
• Other Confidential Records
  • Court records
  • Subpoenas
  • Immigration
  • Worker’s compensation
  • Death records
  • Public policy releases
  • Search warrants
  • Qualified protective orders
  • Guardianships
  • Evidence admissibility
  • Verdicts

DAY TWO

NEW MEXICO MEDICAL RECORDS LAW

• 4 big areas of state medical records law
  • Enhance privacy rights under state law
  • How much do you charge for copies? What do the guidelines say?
  • Record Retention Timelines (how long do you have to retain your medical records timelines?) How long do you retain paper and/or electronic?
  • Duty to warn
  • Statutes of limitations for malpractice claims

WORKSHOP: REPORTING BREACHES

• Learn the difference between secure and insecure breaches
• Low vs. High Probability of Compromise

WHISTLEBLOWERS: HOW TO PREVENT AND HOW TO MANAGE

• Audits come from disgruntled employees
• Costs/malpractice insurance

CLIENTS COMPLAINTS: HOW TO PREVENT AND HOW TO MANAGE

WORKSHOP: PROPER ANALYSIS AND RISK MANAGEMENT

• Proper Gap and Risk Analysis
• Perform and implement good practices

CASE STUDY: WHAT YOU CAN LEARN FROM THE BIGGEST HIPAA COURT CASES

• HIPAA Civil Complaints and Fines
• HIPAA Criminal Prosecution

WORKSHOP: POLICIES AND PROCEDURES

• How to select and draft
• What is Required?
• What is Necessary?

ETHICS REQUIREMENTS & CONSIDERATIONS

TEST YOUR KNOWLEDGE! TAKE THIS BACK TO YOUR PRACTICE