Training Options Duration: 90 Minutes
Thursday, September 28, 2017 | 10:00 AM PDT | 01:00 PM EDT
Overview: Now that the HIPAA rules have been in place for more than a dozen years, the days of advice and counseling have been replaced by a hard-nosed enforcement attitude, where HHS OCR is ready to make health care organizations that violate the rules feel some pain for their actions, and employer-based health plans are no exception. In order to determine their HIPAA compliance obligations, employers need to go through an analysis of their health insurance offereings for their employees. Employers need to examine, is the plan insured or self insured, is it one plan or several, do they rely on an insurer for all the functions or do they use a third party administrator, and much more. Much of the determination of how to comply depends on how involved the employer is with the operation of the plan and the kinds of information the employer receives about the health plan.
Why should you Attend: The HIPAA Privacy Rule governs the use and disclosure of Protected Health Information (PHI) by "covered entities." Covered entities are defined as health plans, health care clearinghouses and health care providers who transmit health information electronically using certain transactions . While the Privacy Rule does not directly regulate employers, the requirements apply to "group health plans" that are sponsored by many employers. Covered plans include those providing medical, dental, vision, pharmacy and other medical benefits. Flexible spending accounts also fall within the definition. The Privacy Rule specifically excludes from coverage disability plans, workers compensation plans and life insurance - despite potential coverage of medical services.
Areas Covered in the Session:
The various kinds of health plans under HIPAA will be explored and defined
The differences between self-insured and fully-insured health plans and their HIPAA obligations will be explained
The kinds of information that must be protected by the health plan and the health plan sponsor will be discussed
Requirements for HIPAA Business Associate Agreements will be explored, including an explanation of the circumstances under which establishing BAAs is required
Who Will Benefit:
Information Systems Manager
Chief Information Officer
Health Information Manager
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.
Phone No: 1-800-385-1607