Healthcare information has been under HIPAA controls for more than fifteen years now, and healthcare organizations are finally beginning to reach good compliance levels, but other regulations also affect health information privacy and security compliance. In addition to HIPAA, the rules for protecting information related to Substance Use Disorders have been in place since the 1970s; FERPA protects student information, including health and treatment information; various state laws call for protection of information; and now the European Union’s General Data Protection Regulation comes into play for the information of EU residents.

This session is designed to provide intensive, one and a half-day training in healthcare information privacy and security regulatory compliance, touching on the key regulations needing attention today.

The session will cover:

  • Principles of Information Privacy and Security
  • Privacy, Security, and Breach Notification under HIPAA
  • Interactions with the SAMHSA 42 CFR Part 2 regulations on information relating to substance use disorders
  • Interactions with the FERPA student information protections for information held by schools
  • Determining the scope of your GDPR exposure and issues to address
  • HIPAA as a foundation for GDPR compliance
  • Challenges with issues today that didn’t even exist a few years ago, such as insecure communications, ransomware, and social media

Seminar Fee Includes:

  • AM-PM Tea/Coffee
  • Seminar Material
  • USB with seminar presentation
  • Hard copy of presentation
  • Attendance Certificate
  • $100 Gift Cert for next seminar

This seminar will also explain audits and enforcement, as well as how to respond to privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided.

Learning Objectives:

This seminar is designed for healthcare compliance experts and newcomers alike who wish to keep up with changes to HIPAA and related regulations in personal information privacy and security, such as GDPR, 42 CFR Part 2, and FERPA, and to understand the regulatory issues most frequently encountered in the day-to-day operation of healthcare entities. Objectives include learning related to a variety of topics, including:

  • Learning about patient rights, such as access and amendment of information, and how such rights are protected and enforced under HIPAA and other rules
  • How uses and disclosures may take place under HIPAA in a wide variety of circumstances, including such hot topics as sharing information with the family and friends of a patient, and how those disclosures would be limited by Part 2 rules.
  • When FERPA takes over health records in schools, and when HIPAA controls them
  • Changes to Substance Use Disorder records confidentiality under 42 CFR Part 2
  • The EU General Data Protection Regulation (GDPR) background and scope
  • Ensuring individuals have adequate access to their information under the various rules
  • Understanding the limits on disclosures under the various rules
  • The place of Information Security and incident management using the HIPAA Security and Breach Notification Rules
  • Processes to be used in managing security, mitigating risks, and handling incidents
  • Proper methods of documentation and training to ensure compliance and help avoid penalties, including the use of internal audits and drills to improve compliance continuously and be prepared for incidents and enforcement investigations

Who will benefit:

This seminar will provide valuable assistance to all personnel in medical offices, practice groups, hospitals, academic medical centers, insurers, and business associates (shredding, data storage, systems vendors, billing services, etc.). The following personnel will find this session valuable:

  • Compliance director
  • CEO
  • COO
  • CFO
  • Privacy Officer
  • Security Officer
  • Information Systems Manager
  • HIPAA Officer
  • Chief Information Officer
  • Health Information Manager
  • Healthcare Counsel/lawyer
  • Office Manager
  • Contracts Manager
Register by phone or need assistance? Call +1-888-717-2436 Register Now Download Brochure
Day 01 (8:30 AM - 4:30 PM)
  • 08.30 AM - 09.00 AM: Registration
  • 09.00 AM: Session Start

Day one sets the stage with an overview of the healthcare information privacy and security regulations and then continues with presentation of the specifics of the HIPAA rules and recent and related rules such as 42 CFR Part 2 regarding Substance Use Disorder information, the FERPA regulations for student information held by schools, and the European Union’s General Data Protection Regulation (GDPR), including the impacts of required changes in your practices to meet the rules.

  • Overview of Privacy, Security, and Breach Notification Regulations
    • Approaches to Privacy and Security Regulations
    • Precedence in Competing Regulations
    • HIPAA, FERPA, and 42 CFR Part 2 Interactions
    • The GDPR Approach – Similarities and Differences
    • New State Laws Like GDPR, e.g. California
  • Healthcare Regulations and Patient Rights
    • Types of Entities, Entity Relationships, and Business Associates
    • The HIPAA Designated Record Set, Access, and Amendment
    • Patient Rights under 42 CFR Part 2
    • Student and Family Rights under FERPA
    • Individual Rights under GDPR
  • Healthcare Regulations and Uses and Disclosures of Protected Information
    • General Use and Disclosure Limitations for HIPAA, Part 2, GDPR, and FERPA
    • Disclosures to family and friends
    • Disclosures to providers, care coordinators, etc.
    • Disclosures to attorneys, the Attorney General’s office, etc., minors and guardian issues
    • Day-to-day disclosures
    • Training and Documentation Requirements
  • Current Hot Topics in Healthcare Privacy and Security
    • Access of Information
    • Enforcement and Audits
    • Sorting Out Regulatory Precedence
    • Implementation Issues
Day 02 (8:30 AM - 12:30 PM)

Day two begins with a detailed examination of the HIPAA Security Rule and Breach Notification requirements and how they can be used to protect information under a variety of regulations, including what you need to do to protect information and what you have to do if you don’t. The day concludes with a session on the essential activities of documenting policies, procedures, and activities; training staff and managers in the issues and policies they need to know about; and examining compliance readiness through drills and self-audits, all as part of a 10-step plan for reviewing and maintaining regulatory compliance.

  • Security and Breach Notification Principles
    • How the HIPAA Privacy, Security, and Breach Rules Work Together
    • Security Safeguards and The Role of Risk Analysis
    • Determining What Is a Breach and What Must Be Reported
    • Incident Management and Breach Reporting
    • Breaches, GDPR, and 42 CFR Part 2
  • Documentation, Training, Drills and Self-Audits
    • The 10-Day Regulatory Compliance Plan
    • How to Organize and Use Documentation to Your Advantage
    • Training Methods and Compliance Improvement
    • Conducting Drills in Incident Response
    • Using the HIPAA Audit Protocol for Documentation
Jim Sheldon-Dean,
Principal and Director of Compliance Services, Lewis Creek Systems, LLC

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

Mr. Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.

He has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. He received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Register Now

Online using Credit card


Get the Invitation
Pre-Register yourself and get the official Invite when venue and dates are announced for this seminar.
Call here to register +1-888-717-2436 or email at [email protected]

Other Registration Option

By order form / PO#

Payment Mode

By Check -
Make your check payable to “MetricStream Inc” (our parent company) and mail the check to:

ComplianceOnline (MetricStream, Inc),
6201 America Center Drive Suite 240
San Jose, CA 95002
USA

By Wire -

Register / Pay by Wire Transfer

Please contact us at +1-888-717-2436 to get details of wire transfer option.

Terms & Conditions to Register for the Seminar/Conference/Event

Your registration for the seminar is subject to the following terms and conditions. If you need any clarification before registering for this seminar, please call us at +1-888-717-2436 or email us at [email protected]

Payment:
Payment is required 2 days before the date of the conference. We accept American Express, Visa and MasterCard. Make checks payable to MetricStream Inc. (our parent company).

Cancellations and substitutions:
Written cancellations through fax or email (from the person who has registered for this conference) received at least 10 calendar days prior to the start date of the event will receive a refund - less a $150 administration fee. No cancellations will be accepted - nor refunds issued - within 10 calendar days before the start date of the event.

On request by email or fax (before the seminar) a credit for the amount paid minus administration fees ($150) will be transferred to any future ComplianceOnline event and a credit note will be issued.

Substitutions may be made at any time. No-shows will be charged the full amount.

We discourage onsite registrations. However, if you wish to register onsite, payment must be made immediately by credit card or by check submitted onsite. Conference material will be given on the spot if it is available after distributing to other attendees. In case it is not available, we will send the material after the conference is over.

In the event ComplianceOnline cancels the seminar, ComplianceOnline is not responsible for any airfare, hotel, other costs or losses incurred by registrants. Some topics and speakers may be subject to change without notice.

Attendance confirmation and documents to carry to the seminar venue:
After we receive the payment from the registered attendee, an electronic event pass will be sent to the email address associated with the registrant 5 working days before the seminar date. Please bring the pass to the venue of the event.

Conference photograph / video:
By registering for and attending a ComplianceOnline conference, you agree to have your photographs or videos taken at the conference venue and you do not have any objections to ComplianceOnline using these photos and videos for marketing, archiving or any other conference-related activities. You agree to release ComplianceOnline from any kind of claims arising out of copyright or privacy violations.

Offers:

  • Early bird seats are limited and offered on a first-come, first-served basis.
  • Multiple offers cannot be combined.
  • We are pleased to offer several exhibitor, sponsorship and media partnership options designed to maximize your company's exposure and networking opportunities before, during and after the event.

    Benefits of becoming a Sponsor/Exhibitor/Media Partner:

    • Logo on website, marketing email, branding materials & the registration booth
    • Exhibit Space
    • Free event pass
    • Speaking opportunity
    • Social media campaign

    For more details and other sponsorship options at this event, please contact Event Manager: [email protected] or call: +1-650-238-9656
