Final HIPAA-HITECH Rules, Cybersecurity, and Privacy Dino TsibourisMehmet Munur (614)360-3133(614) 360-3101

Slides:

Advertisements

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Advertisements

Implementing the New HIPAA Rules

THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.

An Overview for In-Home Service Providers Legal advice must be tailored to specific circumstances. Information provided in this presentation should not.

“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

Dinsmore & Shohl, LLP Stacey Borowicz, Esq. Simi Botic, Esq. August 14, 2013.

HIPAA Basics November 1, 2014.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.

HIPAA Update: The Omnibus Rule Kathleen Stillwell, MPA/HSA,RN,CPHRM Patient Safety Risk Management Account Executive Matthew L. Kinley, Esq., Partner -

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

1 Navigating the Privacy and Security Issues: HITECH Overview Rebecca L. Williams, RN, JD Partner Co-chair of HIT/HIPAA Practice Davis Wright Tremaine.

HIPAA CHANGES: HITECH ACT AND BREACH NOTIFICATION RULES February 3, 2010 Kristen L. Gentry, Esq. Catherine M. Stowers, Esq.

Where to start Ben Burton, JD, MBA, RHIA, CHP, CHC.

 July 10, 2013 Richard D. Sanders T HE S ANDERS L AW F IRM, P.C. 7 Piedmont Center, Suite Piedmont Road Atlanta, Georgia (404)

Thank You For Your Participation Kansas City   Omaha  Overland Park St. Louis  Jefferson City This Employer.

W W W. L E C L A I R R Y A N. C O M Revisiting the PHI Breach Under HIPAA and HITECH and Considerations for Ophthalmologists Neil H. Ekblom, Esq. 885 Third.

Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.

HIPAA Regulations What do you need to know?.

Importance of the Information Risk Assessment. Compliance Programs are intended to proactively audit and assess an organization’s operations to detect.

2014 HIPAA Refresher Omnibus Rule & HIPAA Security.

Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.

HIPAA in a Post-HITECH World

HIPAA Privacy of Health Information Claudia Allen, Esq. General Counsel HealthBridge.

What You Don’t Know Can Cost You HIPAA in a HITECH World Alaina N. Crislip, Esq. October 10, 2013.

Hot Topics Legal Update Jill D. Moore, JD, MPH University of North Carolina School of Government September 2014.

Privacy, Security and Compliance Concerns for Management and Boards November 15, 2013 Carolyn Heyman-Layne, Esq. 1.

Health information security & compliance

Health Insurance Portability & Accountability Act (HIPAA)

Responding to a Data Security Breach

March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.

Walking Through the Breach Notification Process - Beginning to End HIPAA COW Presentation and Panel April 8, 2011.

© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

COMPLYING WITH HIPAA BUSINESS ASSOCIATE REQUIREMENTS Quick, Cost Effective Solutions for HIPAA Compliance: Business Associate Agreements.

Milada R. Goturi Tonya M. Oliver Thompson Coburn LLP 1.

California :: Delaware :: Florida :: New Jersey :: New York :: Pennsylvania :: Virginia :: Washington, D.C. :: 1 NEW OBLIGATIONS.

Dealing with Business Associates Business Associates Business Associates are persons or organizations that on behalf of a covered entity: –Perform any.

Polsinelli Shughart PC In California, Polsinelli Shughart LLP Final HIPAA Omnibus Rule Highlights Presented to the Colorado Bar Association, Health Law.

Quality Integrity Stewardship Courtesy Care Accountability Medical Records ARMA Florida Gulf Coast Chapter Michael Spake Lakeland Regional Medical Center.

LAW SEMINARS INTERNATIONAL CLOUD COMPUTING: LAW, RISKS AND OPPORTUNITIES Developing Effective Strategies for Compliance With the HITECH Act and HIPAA’s.

Privacy and Security Laws for Health Care Organizations Presented by Robert J. Scott Scott & Scott, LLP

The New HIPAA Era: What's New, What's Different and What's Actually Important Kirk J. Nahra Wiley Rein LLP Washington, D.C

Overview of the Omnibus Final HIPAA Rule Kohler HealthCare Consulting, Inc. Deanna Turner

Arkansas State Law Which Governs Sensitive Information…… Part 3B

HITECH Act and HIPAA: Important Compliance Update Susan E. Ziel Gerald “Jud” DeLoss.

Advanced Issues in Privacy: Drafting and Negotiating Business Associate Contracts Thomas E. Jeffry, Jr. Partner Davis Wright Tremaine LLP Los Angeles,

A PRACTICAL GUIDE TO RESPONDING TO A HEALTHCARE DATA SECURITY BREACH May 19, 2011 | State College, PA Matthew H. Meade Stephanie Winer-Schreiber.

HealthBridge is one of the nation’s largest and most successful health information exchange organizations. Tri-State REC: Privacy and Security Issues for.

HITECH and HIPAA Presented by Rhonda Anderson, RHIA Anderson Health Information Systems, Inc

Lessons Learned from Recent HIPAA Breaches HHS Office for Civil Rights.

Top 10 Series Changes to HIPAA Devon Bernard AOPA Reimbursement Services Coordinator.

Finally, the Final HIPAA/HITECH Regulations are Here! By LYNDA M. JOHNSON Friday, Eldredge & Clark.

HIPAA: Breach Notification By: Office of University Counsel For: Jefferson IRB Continuing Education September 2014.

Dino Tsibouris & Mehmet Munur Privacy and Information Security Laws and Updates.

Data Security in the Cloud and Data Breaches: Lawyer’s Perspective Dino Tsibouris Mehmet Munur

CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)

AND CE-Prof, Inc. January 28, 2011 The Greater Chicago Dental Academy 1 Copyright CE-Prof, Inc

HIPAA: So You Think You’re Compliant September 1, 2011 Carolyn Heyman-Layne, J.D.

PHI Breach PHI Breach Dealing Breach With HIPAA Guidelines Guidelines.

Enforcement, Business Associates and Breach Notification. Oh my!

Patient Privacy for the Life Sciences Industry: 2012 Update Drew Gantt and David Sclar Cooley LLP 1.

HIPPA/HITECH Act Requirements Under the Business Associate Agreement Between CNI and Military Health Services.

By: Eamon Callahan and Wilston Johnston

NCHER 2018 Fall Legal Meeting October 5, 2018

Presentation transcript:

Final HIPAA-HITECH Rules, Cybersecurity, and Privacy Dino TsibourisMehmet Munur (614) (614)

Outline 1.Final HIPAA-HITECH Regulations 2.Breach Notification 3.Business Associate Agreements 4.Cybersecurity Developments 5.Other Privacy Developments 6.Questions

Why Comply? CVS $2.25 million fine Cignet Health $4.3 million fine BCBS of Tennessee $1.5 million fine Alaska DHHS $1.7 million fine Hospice of Northern Idaho $50,000 fine HHS investigated and resolved 19,306 cases

Final HIPAA-HITECH Rules Changes to Breach analysis and notification Changes to definition of Business Associates Security and Privacy Rule applicable directly to BAs Changes to Business Associate Agreements Changes to Privacy Notices Changes to restrictions on sale of PHI Changes to marketing rules

Business Associate Agreements BAs must enter into BAAs with sub-BAs Requires compliance with Privacy Rule Requires compliance with Security Rule Requires reporting of Security Incidents CE BAA BA sBA BAA

Breach Analysis Breach means the acquisition, access, use, or disclosure of protected health information in a manner not permitted under subpart E of this part which compromises the security or privacy of the protected health information.

Breach Analysis Old Analysis: – Notify only if significant risk of financial, reputation, or other harm New Analysis: – Presume that there is a breach unless you can establish that there is a low probability of compromise of PHI

Key Dates Rules effective March 26, 2013 Compliance Required by September 23, 2013 Updated Business Associate Agreements by September 22, 2014

Recommendations Revise Notices and Agreements Revise Breach Analyses, Policies, Procedures Conduct Risk Assessment Have policy and team in place, practice Disclose Security Incidents and Breaches Consider Insurance

Cybersecurity Developments Cybersecurity Executive Order Cyber Intelligence Sharing and Protection Act enactment Electronic Communications Privacy Act amendments National Security Letters lawsuits

Other Privacy Developments EU Data Protection Regulation – Global Application – Large Fines – Individual Protections – Affects Cloud Service Providers Social Media Password Laws – Arkansas, California, Delaware, Illinois, Maryland, Michigan, New Mexico, New Jersey, and Utah

Conclusion 1.Final HIPAA-HITECH Regulations 2.Breach Notification 3.Business Associate Agreements 4.Cybersecurity Developments 5.Other Privacy Developments 6.Questions

Questions Dino TsibourisMehmet Munur (614) (614)