There is a lot to know about HIPAA and there have been numerous changes in the past few years most practices are not aware of that could cost your practice in productivity, fines and loss of reputation. We will review HIPAA compliance from A to Z. Everything you need to know will be covered, including your responsibilities of holding the title, HIPAA Compliance Officer. Patient rights to their medical records are the biggest change to the Privacy Laws and they are being strictly enforced. The average fine is $85,000, even to small practices. We will go over the patient’s rights and the policies that need to change in your office. We will also review all of the other HIPAA rights given to patients. Healthcare cybersecurity is extremely important. We will go over actual incidents and how they were handled so you know what to expect. Even more informing, we will help you process what can happen so that your office will be better prepared when the worst happens.Staff training and awareness are key to avoiding security incidents and breaches. We will go over the best way to train and inform your staff on common social engineering tactics and how to recognize them so that your office is not a victim. We will also review “Reasonable” security that will protect your practice in a cost-effective manner. We go over the essentials you need to discuss and implement with your IT vendor or department. This training will aid the small physician practice all the way to hospital security. Both are different and the HIPAA Security Rule gives you the flexibility to protect patient privacy in a manner that makes cost/benefit sense. Finally, we will go over a breach, small, under 500 and major, 500 records or more. First, you and your staff need to be able to identify a breach. Next, a breach risk assessment is required and that will determine if the breach is reportable. Not reporting breaches yearly flags the OCR that you do not have the documentation to show a “Culture of Compliance”. We know that this 90-minute training will make your practice/organization not only HIPAA compliant, but a much more secure practice for the valuable patient records you maintain. Areas CoveredAccess Rights InitiativePatient Privacy RightsSubpoenasBreach Identification and NotificationRansomware and other Malicious ActivityHealthcare CybersecurityPermitted DisclosuresDisclosures to Law EnforcementIT Review to Meet HIPAA Security Rule RequirementsWhat to do when your office is struck with RansomwarePolicies and Procedure requirementsHIPAA Staff Training and On-going Training RequirementsWillful NeglectRequired PostingHIPAA is Changing – Proposed Changes to the HIPAA RegulationsYour responsibility as the HIPAA Compliance OfficerDocumentation RequirementsMobile Device PolicyInteroperabilityEmail and Text MessagesSecurity Risk AssessmentBusiness AssociatesRequired PlansMinimum Necessary StandardReasonable Security to Protect Patient PrivacyCulture of Compliance – Documentation Required from Actual Breach Audits from the OCRCourse Level - Basic to Advanced Who Should AttendCEO, COO, Office Managers, Administrators, HIPAA Privacy and Security Officer, Physicians, and Administrative Staff.Why Should You AttendThe Office for Civil Rights, the government agency that enforces HIPAA, is enforcing HIPAA violations as never before. Your practice could face substantial fines for violating the Patient Access Initiative. Most HIPAA Compliance Officers are unaware of a patient’s right to access their medical records via email or have the proper documentation to charge a patient for medical records. Your state allowable fees are no longer valid for patients seeking copies of their medical records. In addition, most practices are not properly handling small breaches when they occur, thereby violating both Federal and State Breach Notification Laws. There are huge fines for breach violations and not reporting breaches, required yearly, is a major red flag. If you are not reporting breaches as required, what other HIPAA documentation are you lacking? We will go over the most common HIPAA violations with easy corrections and fixes, show you how to address Healthcare Cybersecurity by raising Awareness in your office and how to identify and report breaches. We will also review what is required in the form of cybersecurity from your IT department or vendor. Being proactive is a Security Rule and Privacy Rule requirement. We will show you how your practice can be proactive in the protection of your patient records.