Proactive Monitoring of Workforce Access to e-PHI: HIPAA Security Rule Administrative Safeguards

Why Should You Attend:

Proactively monitoring workforce access to e-PHI reduces false positives and can support policies and procedures required by the HIPAA Security Rule. Office of Civil Rights (OCR) was naturally interested in examining privacy, security, and breach response during 2016’s Phase 2 audits. Software platforms, such as Protenus, establish clinically-aware relationships between workforce data and access attempts to the EHR. These platforms detect and confirm appropriate, HIPAA-compliant access to the EHR, and identify inappropriate access.

This webinar will discuss how traditional privacy monitoring solutions are being supplanted by these more advanced analytics platforms, which allow a more effective view into EHR access and use. Additionally, it will also provide an overview of how these emerging technologies can be useful for complying with HIPAA Security Rule administrative safeguards. Attendees will also garner innovative approaches for HIPAA compliance from the session.

Learning Objectives:

• Understand innovative approaches for HIPAA compliance
• Learn how to detect both proper and improper access within workforce behavior in covered entity
• Explain the HIPAA administrative safeguards and how to implement policies and processes that address these safeguards
• How software platforms can help covered entities increase confidence in adherence to the ‘minimally necessary standard’

Areas Covered in the Webinar:

• Streamline workflow and efficiently address potential inappropriate access.
• Understand access to ePHI and modern techniques to integrate intelligence on workforce member activity, clinical context, workstation location, and hundreds of other healthcare-specific analytics to create an understanding of user access in the HER.
• Proactive monitoring helps ensure compliance with administrative safeguards. HIPAA Security Rule lists the safeguards an organization’s administration must implement in order to comply with the HIPAA Security Rule. Understand how proactive monitoring supports 8 safeguards.
• How to gather data to evaluate the effectiveness of education and training programs through analysis of longitudinal results.
• Methods to gain deep insight into business associate activity involving the HER.

Who Will Benefit:

• Compliance Officer
• HIPAA Privacy Officer
• HIPAA Security Officer
• Medical/Dental Office Managers
• Practice Managers
• Information Systems Manager
• Chief Information Officer
• General Counsel/lawyer
• Practice Management Consultants
• Any business associates that access protected health information
• IT companies that support medical/dental practices or other healthcare

John Steiner
Former Chief Compliance Officer, Cancer Treatment Centers of America

John E. Steiner, Jr., Esq., CHC, CCEP, is the former Chief Compliance and Privacy Officer and Associate General Counsel for Cancer Treatment Centers of America (CTCA), based in Schaumburg, Illinois. He is a member of the executive team and responsible for the design, implementation and administration of an enterprise compliance program. He is a national speaker on health law and compliance topics. He is also a nationally recognized author and editor of a variety of health care and compliance publications.

Prior to his current position, Mr. Steiner served as the chief compliance officer for UK HealthCare of the University of Kentucky, Lexington, Kentucky, where he was responsible for the enterprise wide compliance program. He previously served as the chief compliance and privacy officer for the Cleveland Clinic Health System, where he was the first compliance officer in the history of the Cleveland Clinic and designed, implemented and administered the corporate compliance program for the health care system.

Mr. Steiner also was senior counsel for the American Hospital Association. He obtained his BA from the Johns Hopkins University, and his JD, with honors, from Chicago-Kent College of Law in Chicago, Illinois. He is the vice chairman of the American Bar Association Health Law Committee, a former board member of the Health Care Compliance Association and former chairman of the American Medical Group Association's Council of Compliance Officers.

Robert Lord
Co Founder, Protenus

Robert Lord, CEO and Co-Founder, Protenus, began his career designing and managing analytical systems for the world’s most successful hedge fund, Bridgewater Associates. He attended the Johns Hopkins University School of Medicine where he saw firsthand how electronic medical records are used to improve patient care and share data more efficiently.

Bringing this quantitative and systems-based background to tackle the problem of health data security was a natural transition. Robert advocates for the improvement of Maryland’s business ecosystem, teaches at Johns Hopkins, and is a published clinical researcher. He is a frequent speaker on Health IT, cybersecurity, patient privacy, analytical systems, and entrepreneurship. He holds an A.B. in Social Studies, magna cum laude, from Harvard College.

Follow us :