HIPAA Accounting of Disclosures Rule

AUDIO CONFERENCE ON CD OR ON-DEMAND

Sponsored by Briefings on HIPAA

Presented on Tuesday, July 19, 2011

The HIPAA Privacy Rule’s requirements for Accounting of Disclosures is one of the most difficult of the HITECH requirements, experts say. Proposed new regulations dramatically expand the requirements well beyond the parameters laid out in HITECH. Providers have to be able to report every instance when a patient’s electronic record is viewed, whether by the organization’s staff or a business associate.

During this 90-minute audio conference, our speakers will help you understand what is included in the proposed rule, what is included in a designated record set, analyze your existing tracking processes, and reasonably ensure your organization will be ready for patient requests for accounting of medical record disclosures – both electronic and non-electronic disclosures. You’ll walk away with a good understanding of the proposed rule and be in a position to submit comments to OCR about potential amendments you believe are necessary.

This is an intermediate-level program. Listeners should understand the current requirements of an accounting of disclosure and the definition of a designated record set (DRS)

LEARNING OBJECTIVES

At the end of the program you will be able to:

• Describe the main components of the HIPAA Privacy Rule accounting of disclosures proposed rule
• Document what is included in the electronic and non-electronic designated record sets (DRS) at your organization
• Make updates to your Notice of Privacy Practices (NPP)
• Document existing auditing capabilities
• Address patient requests for an accounting of disclosures (electronic and non-electronic)
• Communicate to your vendors how to comply with the new requirements
• Submit rule comments to OCR

THE AGENDA

• HIPAA disclosure proposed rule
  • Conflicts in statute: EHRs v. electronic designated record sets (DRS)
  • New “access report” requirement
  • Changes to accounting of disclosure requirement
  • Analysis of public comments
• Proposed rule v. existing HIPAA Security Rule Requirements
  • Assessing current compliance requirements for auditing (45 CFR 164.312)
  • Comparing your auditing process to proposed requirements
  • Evaluating capabilities of current EHR vendors
  • Evaluating the capabilities of other vendors or “home grown” applications used to store patient information electronically
  • Presenting information in a patient-friendly format 
• Designated Record Set
  • Original Privacy Rule definition
  • Proposed rule implications
• Action steps
  • Working with business associates
  • Taking inventory of your DRS
  • Making public comments to OCR
  • Updating Notice of Privacy Practices (NPPs)
  • Evaluating existing auditing measures
• A question and answer session follows the presentation.

MEET THE SPEAKERS

Chris Apgar, CISSP, is president of Apgar & Associates, LLC in Portland, OR, an independent consulting firm specializing in security, privacy, and regulatory compliance. He is a nationally recognized information security, privacy, HIPAA and electronic health information exchange expert, a member of the Workgroup for Electronic Interchange (WEDI) Board of Directors, and works locally and nationally to assist with standardized HIT adoption.

Jeffery P. Drummond is a partner with Jackson Walker in Dallas where he practices health law regarding healthcare regulation and corporate transactions. He writes the original HIPAA Blog at www.hipaablog.blogspot.com. He is a frequent writer and speaker on medical record privacy and security issues, HIPAA, and the FTC Red Flags Rule, and advises clients regarding compliance with those laws and regulations.

CONTINUING EDUCATION

AAPC: This program has prior approval of the American Academy of Professional Coders for 1.5 Continuing Education Units. Granting of this approval in no way constitutes endorsement by the Academy of the program, content or the program sponsor.

AHIMA: This program has been approved for 1.0 continuing education unit for use in fulfilling the continuing education requirements of the American Health Information Management Association (AHIMA).

WHO SHOULD LISTEN?

Compliance officers, privacy officers, security officers, HIM directors, in-house counsels, CIOs, IT directors, health plans, business associates, EHR vendors, practice management system vendors

BONUS MATERIAL INCLUDED IN YOUR MATERIAL PACKET

In addition to the expertise and advice presented during this audio conference, you'll also receive a slide presentation of the program materials as well as a designated record set sample.

AUDIO ON-DEMAND

In addition to the regular participation options for HC Pro audio conferences—live, CD, or combination packages—we are pleased to offer another option, audio on-demand. Audio on-demand allows you to download the program and play it back at your convenience through your computer or MP3 player. It's also a perfect training tool for new staff or as a refresher for veteran staff.

• Audio Conferences

• Other Corporate Compliance Products
• Other Health Information Management Products