Abstract: The Health Information Technology “Chicken Littles” who have been writing and saying for the past year that the Office for Civil Rights (“OCR”) of the U.S. Department of Health and Human Services (“HHS”) will ramp up Health Insurance Portability and Accountability Act (HIPAA) Security enforcement have been proven at least partially correct. Spot audits of healthcare providers, health plans and HIPAA Business Associates have begun.
The audits will assess, among other things, technical, physical and administrative safeguards for patient-identifiable information, steps to prevent data breaches, protocol for response to and remediation of breaches and documentation of a current HIPAA Security Risk Analysis. The auditors will, of course, review the key information systems, but they will also look for indications that security is an integral part of the business. The time to document such efforts, and training of the work force on security safeguards, is before an Audit Letter is received.
This webinar will provide practical information from a veteran attorney with broad experience in this field. It will address proactive steps, including internal mock audits, to be taken as the landscape shifts in the face of enhanced enforcement of the HIPAA Security Rule and the HITECH Act.
Speaker: Kenneth N. Rashbaum, Esq.
Biography: Kenneth N. Rashbaum, Esq., is an attorney in New York City. His practice focuses upon counsel to health care providers and life sciences corporations on privacy and security compliance and implementation. He has over twenty-five years’ experience in health care and the pharmaceutical industry as a litigator, trial lawyer and counselor, has presented numerous Grand Rounds and in-service lectures on a spectrum of compliance issues, and speaks and writes across the U.S. on health information system, privacy and security and operational design. www.rashbaumassociates.com