Presentation is loading. Please wait.

Presentation is loading. Please wait.

Final HIPAA-HITECH Rules, Cybersecurity, and Privacy Dino TsibourisMehmet Munur (614)360-3133(614) 360-3101

Published byCornelia Harrell Modified over 8 years ago

Similar presentations

Presentation on theme: "Final HIPAA-HITECH Rules, Cybersecurity, and Privacy Dino TsibourisMehmet Munur (614)360-3133(614) 360-3101"— Presentation transcript:

1 Final HIPAA-HITECH Rules, Cybersecurity, and Privacy Dino TsibourisMehmet Munur (614)360-3133(614) 360-3101 Dino@Tsibouris.comDino@Tsibouris.com Mehmet.Munur@Tsibouris.comMehmet.Munur@Tsibouris.com

2 Outline 1.Final HIPAA-HITECH Regulations 2.Breach Notification 3.Business Associate Agreements 4.Cybersecurity Developments 5.Other Privacy Developments 6.Questions

3 Why Comply? CVS $2.25 million fine Cignet Health $4.3 million fine BCBS of Tennessee $1.5 million fine Alaska DHHS $1.7 million fine Hospice of Northern Idaho $50,000 fine HHS investigated and resolved 19,306 cases

4 Final HIPAA-HITECH Rules Changes to Breach analysis and notification Changes to definition of Business Associates Security and Privacy Rule applicable directly to BAs Changes to Business Associate Agreements Changes to Privacy Notices Changes to restrictions on sale of PHI Changes to marketing rules

5 Business Associate Agreements BAs must enter into BAAs with sub-BAs Requires compliance with Privacy Rule Requires compliance with Security Rule Requires reporting of Security Incidents CE BAA BA sBA BAA

6 Breach Analysis Breach means the acquisition, access, use, or disclosure of protected health information in a manner not permitted under subpart E of this part which compromises the security or privacy of the protected health information.

7 Breach Analysis Old Analysis: – Notify only if significant risk of financial, reputation, or other harm New Analysis: – Presume that there is a breach unless you can establish that there is a low probability of compromise of PHI

8 Key Dates Rules effective March 26, 2013 Compliance Required by September 23, 2013 Updated Business Associate Agreements by September 22, 2014

9 Recommendations Revise Notices and Agreements Revise Breach Analyses, Policies, Procedures Conduct Risk Assessment Have policy and team in place, practice Disclose Security Incidents and Breaches Consider Insurance

10 Cybersecurity Developments Cybersecurity Executive Order Cyber Intelligence Sharing and Protection Act enactment Electronic Communications Privacy Act amendments National Security Letters lawsuits

11 Other Privacy Developments EU Data Protection Regulation – Global Application – Large Fines – Individual Protections – Affects Cloud Service Providers Social Media Password Laws – Arkansas, California, Delaware, Illinois, Maryland, Michigan, New Mexico, New Jersey, and Utah

12 Conclusion 1.Final HIPAA-HITECH Regulations 2.Breach Notification 3.Business Associate Agreements 4.Cybersecurity Developments 5.Other Privacy Developments 6.Questions

13 Questions Dino TsibourisMehmet Munur (614)360-3133(614) 360-3101 Dino@Tsibouris.comDino@Tsibouris.com Mehmet.Munur@Tsibouris.comMehmet.Munur@Tsibouris.com

Download ppt "Final HIPAA-HITECH Rules, Cybersecurity, and Privacy Dino TsibourisMehmet Munur (614)360-3133(614) 360-3101"

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
Implementing the New HIPAA Rules

Implementing the New HIPAA Rules
THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.

THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.

HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.
An Overview for In-Home Service Providers Legal advice must be tailored to specific circumstances. Information provided in this presentation should not.

An Overview for In-Home Service Providers Legal advice must be tailored to specific circumstances. Information provided in this presentation should not.
“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.

“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
Dinsmore & Shohl, LLP Stacey Borowicz, Esq. Simi Botic, Esq. August 14, 2013.

Dinsmore & Shohl, LLP Stacey Borowicz, Esq. Simi Botic, Esq. August 14, 2013.
HIPAA Basics November 1, 2014.

HIPAA Basics November 1, 2014.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
HIPAA What’s New? 2010. What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.

HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.
HIPAA Update: The Omnibus Rule Kathleen Stillwell, MPA/HSA,RN,CPHRM Patient Safety Risk Management Account Executive Matthew L. Kinley, Esq., Partner -

HIPAA Update: The Omnibus Rule Kathleen Stillwell, MPA/HSA,RN,CPHRM Patient Safety Risk Management Account Executive Matthew L. Kinley, Esq., Partner -
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
1 Navigating the Privacy and Security Issues: HITECH Overview Rebecca L. Williams, RN, JD Partner Co-chair of HIT/HIPAA Practice Davis Wright Tremaine.

1 Navigating the Privacy and Security Issues: HITECH Overview Rebecca L. Williams, RN, JD Partner Co-chair of HIT/HIPAA Practice Davis Wright Tremaine.
HIPAA CHANGES: HITECH ACT AND BREACH NOTIFICATION RULES February 3, 2010 Kristen L. Gentry, Esq. Catherine M. Stowers, Esq.

HIPAA CHANGES: HITECH ACT AND BREACH NOTIFICATION RULES February 3, 2010 Kristen L. Gentry, Esq. Catherine M. Stowers, Esq.
Where to start Ben Burton, JD, MBA, RHIA, CHP, CHC.

Where to start Ben Burton, JD, MBA, RHIA, CHP, CHC.
 July 10, 2013 Richard D. Sanders T HE S ANDERS L AW F IRM, P.C. 7 Piedmont Center, Suite 300 3525 Piedmont Road Atlanta, Georgia 30305 (404) 364-1819.

 July 10, 2013 Richard D. Sanders T HE S ANDERS L AW F IRM, P.C. 7 Piedmont Center, Suite Piedmont Road Atlanta, Georgia (404)
Thank You For Your Participation Kansas City   Omaha  Overland Park St. Louis  Jefferson City www.spencerfane.com www.UBAbenefits.com This Employer.

Thank You For Your Participation Kansas City   Omaha  Overland Park St. Louis  Jefferson City This Employer.

Similar presentations

Ads by Google