hipaa privacy and security y y surviving heightened
play

HIPAA Privacy and Security: y y Surviving Heightened Enforcement - PowerPoint PPT Presentation

Jan 10, 2024 •267 likes •836 views

Presenting a live 90 minute webinar with interactive Q&A HIPAA Privacy and Security: y y Surviving Heightened Enforcement Crafting and Implementing Data Security Policies and Responding to Breaches THURS DAY, MAY 5, 2011 1pm Eastern

  1. Presenting a live 90 ‐ minute webinar with interactive Q&A HIPAA Privacy and Security: y y Surviving Heightened Enforcement Crafting and Implementing Data Security Policies and Responding to Breaches THURS DAY, MAY 5, 2011 1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific T d Today’s faculty features: ’ f l f Nathan A. Kottkamp, Partner, McGuireWoods , Richmond, Va. Gina M. Kastel, Partner, Faegre & Benson , Minneapolis Rebecca C. Fayed, Counsel, SNR Denton , Washington, D.C. The audio portion of the conference may be accessed via the telephone or by using your computer's speakers. Please refer to the instructions emailed to registrants for additional information. If you have any questions, please contact Customer Service at 1-800-926-7926 ext. 10 .

  2. Conference Materials If you have not printed the conference materials for this program, please complete the following steps: • Click on the + sign next to “ Conference Materials” in the middle of the left- hand column on your screen hand column on your screen. • Click on the tab labeled “ Handouts” that appears, and there you will see a PDF of the slides for today's program. • Double click on the PDF and a separate page will open. Double click on the PDF and a separate page will open. • Print the slides by clicking on the printer icon.

  3. Continuing Education Credits FOR LIVE EVENT ONLY For CLE purposes, please let us know how many people are listening at your location by completing each of the following steps: • Close the notification box • In the chat box, type (1) your company name and (2) the number of attendees at your location • Click the blue icon beside the box to send

  4. Tips for Optimal Quality S S ound Quality d Q lit If you are listening via your computer speakers, please note that the quality of your sound will vary depending on the speed and quality of your internet connection. If the sound quality is not satisfactory and you are listening via your computer speakers, you may listen via the phone: dial 1-888-450-9970 and enter your PIN when prompted Otherwise please send us a chat or e mail when prompted. Otherwise, please send us a chat or e-mail sound@straffordpub.com immediately so we can address the problem. If you dialed in and have any difficulties during the call, press *0 for assistance. Viewing Qualit y To maximize your screen, press the F11 key on your keyboard. To exit full screen, press the F11 key again press the F11 key again.

  5. HIPAA Enforcement: Th D The Dawn of a New Era f N E Nathan A. Kottkamp May 5, 2011 www.mcguirewoods.com

  6. HIPAA Enforcement: Before HITECH All Bark and No Bite? All Bark, and No Bite? McGuireWoods LLP | 6

  7. HIPAA Enforcement Pre-HITECH • Pre-HITECH – Penalty limited to $100 per violation or $25K for all y p identical violations • No Civil Money Penalties cases McGuireWoods LLP | 7

  8. Providence Health & Services-2008 la di da la di da . . . McGuireWoods LLP | 8

  9. Providence Health & Services-2008 • Providence agrees to pay $100,000 and implement a detailed • Providence agrees to pay $100 000 and implement a detailed Corrective Action Plan to ensure that it will appropriately safeguard identifiable electronic patient information against theft or loss. • The Resolution Agreement relates to Providence's loss of electronic backup media and laptop computers containing individually identifiable health information in 2005 and 2006. • Providence agreed to perform certain obligations (e.g., staff • Pro idence agreed to erfor certain obligations (e g staff training) and make reports to HHS for three years. • During the period, HHS monitors the compliance of the covered entity with the obligations it has agreed to perform entity with the obligations it has agreed to perform. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/prov idenceresolutionagreement.html idenceresolutionagreement.html McGuireWoods LLP | 9

  10. CVS-2009 Patient records? Patient records? McGuireWoods LLP | 10

  11. CVS-2009 Under the Resolution Agreement, CVS agreed to pay a $2,250,000 resolution amount and implement a strong Corrective Action Plan that requires: and implement a strong Corrective Action Plan that requires: 1.revising and distributing its policies and procedures regarding disposal of protected health information; 2.sanctioning workers who do not follow them; 2.sanctioning workers who do not follow them; 3.training workforce members on these new requirements; 4.conducting internal monitoring; 5.engaging a qualified, independent third-party assessor to conduct assessments of 5.engaging a qualified, independent third party assessor to conduct assessments of CVS compliance with the requirements of the Corrective Action Plan and render reports to HHS; 6.new internal reporting procedures requiring workers to report all violations of these new privacy policies and procedures; and l 7.submitting compliance reports to HHS for a period of three years. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/cvsresolutionagre ement.html McGuireWoods LLP | 11

  12. HIPAA Penalties Under HITECH The Health Information Technology for Economic and Clinical Health (HITECH) Act revised HIPAA’s enforcement regulations: (HITECH) Act revised HIPAA s enforcement regulations: – New Penalty Tiers: • Unknowing ($100 per violation/ $25K max) • Reasonable Cause (($1K per violation /$100 K max) • Willful neglect ($10K per violation/$250K max) • Uncorrected willful neglect ($50K per violation/$1.5M g ($ p $ max) – Civil and criminal liability for HIPAA violations extended to business associates – Mandatory investigations and civil penalties for violations due to willful neglect – Increased emphasis and significant funding on enforcement Increased emphasis and significant funding on enforcement McGuireWoods LLP | 12

  13. Rite Aid-2010 McGuireWoods LLP | 13

  14. Rite Aid-2010 Under the HHS resolution agreement, Rite Aid agreed to pay a $1 million resolution amount to HHS and must implement a strong corrective l i S d i l i action program that includes: – Revising and distributing its policies and procedures regarding disposal of protected health information and sanctioning workers di l f d h l h i f i d i i k who do not follow them; – Training workforce members on these new requirements; – Conducting internal monitoring; and – Engaging a qualified, independent third-party assessor to conduct compliance reviews and render reports to HHS. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/riteai dresagr.html g McGuireWoods LLP | 14

  15. 2011 McGuireWoods LLP | 15

  16. Enforcement • To boost enforcement of the HIPAA security To boost enforcement of the HIPAA security rule, OCR has added investigators in 10 regional offices. • HHS is seeking $5.6 million increase in funding for Fiscal 2012 enforcement. • In FY 2010, the office received approximately 9,400 complaints associated with HIPAA privacy and security rules i d i l McGuireWoods LLP | 16

  17. Cignet Health-Landmark HIPAA Civil Monetary Penalty, February 4, 2011 Penalty February 4 2011 Today the message is loud and clear: HHS is y g “ “ serious about enforcing individual rights guaranteed by the HIPAA Privacy Rule and ensuring provider cooperation with our ensuring provider cooperation with our enforcement efforts.” -OCR Director Georgina Verdugo http://www hhs gov/ocr/privacy/hipaa/enforcement/examples/cign http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/cign etresolutionagreement.html McGuireWoods LLP | 17

  18. Cignet Health of Prince George’s County McGuireWoods LLP | 18

  19. Cignet Health of Prince George’s County, MD-Landmark HIPAA Civil Monetary Penalty, February 4, 2011 HIPAA Civil Monetary Penalty, February 4, 2011 • The first-ever civil money penalty of $4.3 million The first ever civil money penalty of $4.3 million • Cignet violated 41 patients’ rights by denying them access to their medical records when requested between September 2008 and October 2009. – The HIPAA Privacy Rule requires that a covered entity provide The HIPAA Pri acy Rule re uires that a co ered entity ro ide a patient with a copy of their medical records within 30 (and no later than 60) days of the patient’s request. – The CMP for these violations is $1.3 million. • Cignet failed to cooperate with OCR’s investigations of the complaints and produce the records in response to OCR’s subpoena. – Covered entities are required under law to cooperate with the Covered entities are required under law to cooperate with the Department’s investigations. – The CMP for these violations is $3 million. McGuireWoods LLP | 19

  20. Cignet Health-Landmark HIPAA Civil Monetary Penalty February 4 2011 Penalty, February 4, 2011 Covered entities and business associates must “ “ uphold their responsibility to provide patients with access to their medical records, and adhere closely to all of HIPAA’s requirements . . . . The y q U.S. Department of Health and Human Services will continue to investigate and take action against those organizations that knowingly g g g y disregard their obligations under these rules.” -OCR Director Georgina Verdugo OCR Director Georgina Verdugo http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/cign etresolutionagree etresolutionagreement.html ent ht l McGuireWoods LLP | 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

EVV Security and Privacy Approach Marguerite Marsh, HIPAA Privacy Officer Matt Williams, Bureau

EVV Security and Privacy Approach Marguerite Marsh, HIPAA Privacy Officer Matt Williams, Bureau

EVV Security and Privacy Approach Marguerite Marsh, HIPAA Privacy Officer Matt Williams, Bureau Chief, Information Security and Technology 1 What is HIPAA? 2 HIPAA What: Health Insurance Portability and How: Congress mandated the establishment

444 views • 9 slides
Beyond HIPAA: Registries as an exemplar of health data Beyond HIPAA Privacy,

Beyond HIPAA: Registries as an exemplar of health data Beyond HIPAA Privacy,

Beyond HIPAA: Registries as an exemplar of health data Beyond HIPAA Privacy, Confidentiality & Security Subcommittee May 15, 2018 Beyond HIPAA Initiative Builds on NCVHSs past work and the work of other government and private

240 views • 10 slides
HIPAA Audits and the New Audit Protocol Developing and Ensuring HIPAA and HITECH Privacy and

HIPAA Audits and the New Audit Protocol Developing and Ensuring HIPAA and HITECH Privacy and

Presenting a live 90-minute webinar with interactive Q&A HIPAA Audits and the New Audit Protocol Developing and Ensuring HIPAA and HITECH Privacy and Security Compliance TUESDAY, FEBRUARY 5, 2013 1pm Eastern | 12pm Central | 11am

793 views • 53 slides
HIPAA In The Workplace What Every Employer Should Know and Remember What is HIPAA? The

HIPAA In The Workplace What Every Employer Should Know and Remember What is HIPAA? The

HIPAA In The Workplace What Every Employer Should Know and Remember What is HIPAA? The Health Insurance Portability and Accountability Act of 1996 Portable Accountable Rules for Privacy Rules for Security

575 views • 33 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
and Security Training 2017 for Instructors and Students Authored by: Office of HIPAA

and Security Training 2017 for Instructors and Students Authored by: Office of HIPAA

Information Privacy and Security Training 2017 for Instructors and Students Authored by: Office of HIPAA Administration Objectives After you finish this Computer-Based Learning (CBL) module, you should be able to: Define privacy practices

691 views • 37 slides
and Security Training 2016 for Instructors and Students Authored by: Office of HIPAA

and Security Training 2016 for Instructors and Students Authored by: Office of HIPAA

Information Privacy and Security Training 2016 for Instructors and Students Authored by: Office of HIPAA Administration Objectives After you finish this Computer-Based Learning (CBL) module, you should be able to: Define privacy practices

827 views • 37 slides
Outline to HIPAA presentation I) Overview of the HIPAA Privacy Rule regulations that relate to

Outline to HIPAA presentation I) Overview of the HIPAA Privacy Rule regulations that relate to

Outline to HIPAA presentation I) Overview of the HIPAA Privacy Rule regulations that relate to obtaining a persons medical records for court proceedings and law enforcement purposes. A) Entities covered by HIPAA The medical records of a patient

405 views • 6 slides
Mechanical and Electrical Arts Surviving 112(f) and Disclosing Functional Basis to Meet Heightened

Mechanical and Electrical Arts Surviving 112(f) and Disclosing Functional Basis to Meet Heightened

Presenting a live 90-minute webinar with interactive Q&A Functional Claiming for Mechanical and Electrical Arts Surviving 112(f) and Disclosing Functional Basis to Meet Heightened Standard of Review THURSDAY, SEPTEMBER 7, 2017 1pm Eastern

1.2k views • 78 slides
HIPAA PRIVACY POLICIES & PROCEDURES Department of Behavioral Health and Developmental

HIPAA PRIVACY POLICIES & PROCEDURES Department of Behavioral Health and Developmental

HIPAA PRIVACY POLICIES & PROCEDURES Department of Behavioral Health and Developmental Services DBHHDS GENERAL AWARENESS TRAINING March 2012 HIPAA Humor (North Dakota Dept of Health) 2 HIPAA-Ectomy - the removal of individual

1.19k views • 61 slides
Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as

445 views • 26 slides
CFIUS Regulations and FINSA Compliance: Surviving Heightened Federal Scrutiny Leveraging Lessons

CFIUS Regulations and FINSA Compliance: Surviving Heightened Federal Scrutiny Leveraging Lessons

Presenting a live 90-minute webinar with interactive Q&A CFIUS Regulations and FINSA Compliance: Surviving Heightened Federal Scrutiny Leveraging Lessons from Recent CFIUS Cases WEDNES DAY, MAY 7, 2014 1pm East ern | 12pm Cent ral

296 views • 28 slides
HIPAA SECURITY POLICIES AND PROCEDURES (P&P) AND COMPUTER NETWORK DOCUMENTATION (CND) Get it

HIPAA SECURITY POLICIES AND PROCEDURES (P&P) AND COMPUTER NETWORK DOCUMENTATION (CND) Get it

HIPAA SECURITY POLICIES AND PROCEDURES (P&P) AND COMPUTER NETWORK DOCUMENTATION (CND) Get it from DUMATEK ! Get you HIPAA Security P&P and CND here! ONLY $5040.00 This solution becomes ongoing and proprietary to your company. HIPAA

107 views • 10 slides
FCSRMC HIPAA PRIVACY & SECURITY PRESENTATION BDO US A, LLP, a Delaware limit ed liabilit

FCSRMC HIPAA PRIVACY & SECURITY PRESENTATION BDO US A, LLP, a Delaware limit ed liabilit

FCSRMC HIPAA PRIVACY & SECURITY PRESENTATION BDO US A, LLP, a Delaware limit ed liabilit y part nership, is t he U.S . member of BDO Int ernat ional Limit ed, a UK company limit ed by guarant ee, and forms part of t he int ernat ional

908 views • 32 slides
Beyond HIPAA: Stewardship By Design as applied to data, device, and app exemplars NCVHS

Beyond HIPAA: Stewardship By Design as applied to data, device, and app exemplars NCVHS

Beyond HIPAA: Stewardship By Design as applied to data, device, and app exemplars NCVHS Subcommittee on Privacy, Confidentiality and Security September 2018 Beyond HIPAA Initiative Builds on NCVHSs past work and the work of other

189 views • 15 slides
DATA SHARING & BREACH PROTOCOLS UNDER THE FINAL HIPAA PRIVACY RULE I. INTRODUCTION: The

DATA SHARING & BREACH PROTOCOLS UNDER THE FINAL HIPAA PRIVACY RULE I. INTRODUCTION: The

DATA SHARING & BREACH PROTOCOLS UNDER THE FINAL HIPAA PRIVACY RULE I. INTRODUCTION: The Health Insurance Portability and Accountability Act (HIPAA) Administrative Simplification provisions apply to three types of entities, which are known as

111 views • 7 slides
835 acres 76% impervious Combined and separately sewered areas Two outfalls Downtown

835 acres 76% impervious Combined and separately sewered areas Two outfalls Downtown

835 acres 76% impervious Combined and separately sewered areas Two outfalls Downtown Stormwater Modeling Project, March 2017, CDM Smith Downtown Stormwater Modeling Project, March 2017, CDM Smith Route 34 and Union Ave 8.8-8.9 feet

771 views • 24 slides
Dr. Lal PathLabs Limited Corporate Presentation August 2018 Disclaimer By attending the meeting

Dr. Lal PathLabs Limited Corporate Presentation August 2018 Disclaimer By attending the meeting

Dr. Lal PathLabs Limited Corporate Presentation August 2018 Disclaimer By attending the meeting / telephonic call where this presentation is made, or by reading the presentation materials, you agree to be bound by the following limitations: The

540 views • 32 slides
SBIRT Youth Learning Community Bridget Murphy, M.Ed. Program and Policy Analyst & Evan

SBIRT Youth Learning Community Bridget Murphy, M.Ed. Program and Policy Analyst & Evan

SBIRT Youth Learning Community Bridget Murphy, M.Ed. Program and Policy Analyst & Evan Elkin, MA Executive Director Reclaiming Futures, Portland State University January 26, 2016 Behavioral Health is Essential to Health Prevention Works

548 views • 21 slides
VISION 2020 QUALITY SCHOOLS IN EVERY VISION 2020 QUALITY SCHOOLS IN EVERY NEIGHBORHOOD BOARD

VISION 2020 QUALITY SCHOOLS IN EVERY VISION 2020 QUALITY SCHOOLS IN EVERY NEIGHBORHOOD BOARD

VISION 2020 QUALITY SCHOOLS IN EVERY VISION 2020 QUALITY SCHOOLS IN EVERY NEIGHBORHOOD BOARD WORKSHOP: NEIGHBORHOOD BOARD WORKSHOP: 2018 2018-19 LOCAL CONTROL AND 19 LOCAL CONTROL AND ACCOUNTABILITY PLAN (LCAP) ACCOUNTABILITY PLAN (LCAP)

1.56k views • 123 slides
The Commission Supporting the health and disability sector to deliver safe and quality health

The Commission Supporting the health and disability sector to deliver safe and quality health

Kupu Taurangi Hauora o Aotearoa The Commission Supporting the health and disability sector to deliver safe and quality health care to all New Zealanders Works with clinicians, health providers and consumers to: improve the quality and safety

876 views • 58 slides
RELIABILITY OF 30-DAY READMISSION MEASURES IN THE HOSPITAL READMISSION REDUCTION PROGRAM Michael

RELIABILITY OF 30-DAY READMISSION MEASURES IN THE HOSPITAL READMISSION REDUCTION PROGRAM Michael

RELIABILITY OF 30-DAY READMISSION MEASURES IN THE HOSPITAL READMISSION REDUCTION PROGRAM Michael P . Thompson PhD, Health Services and Policy Research Group Department of Preventive Medicine, University of Tennessee Health Science Center 1

324 views • 17 slides
LInX Carolinas Coverage Map Today UNCLASSIFIED LInX Update CJIN Meeting October 2018

LInX Carolinas Coverage Map Today UNCLASSIFIED LInX Update CJIN Meeting October 2018

L AW E NFORCEMENT I NFORMATION E XCHANGE LI N X C AROLINAS U PDATE C RIMINAL J USTICE I NFORMATION N ETWORK G OVERNING B OARD M EETING T HURSDAY , O CTOBER 24, 2018 C OLLEEN W OOD A CTING P ROGRAM M ANAGER C URRENT S TATUS UNCLASSIFIED LI N X A

393 views • 22 slides
New MILP Modelings for Symmetric-Key Primitives Christina Boura (Joint-work with Daniel Coggia)

New MILP Modelings for Symmetric-Key Primitives Christina Boura (Joint-work with Daniel Coggia)

New MILP Modelings for Symmetric-Key Primitives Christina Boura (Joint-work with Daniel Coggia) University of Versailles and Inria de Paris August 6, 2020 1 / 43 Symmetric-key encryption Alice and Bob share the same secret key for encryption

983 views • 47 slides

More recommend