Comprehensive Compliance Training Program
Section 1: What is HIPAA and What Does it Require?
Focus: High level overview
HIPAA Overview: Industry and Legislative Background
Description: This session will examine the industry environment that led to the passage of the HIPAA Legislation. It will explain the HIPAA legislation and regulatory process of rule making and enforcement.
HIPAA Introduction: Who, What, When of HIPAA
Description: This session will provide a high level overview of HIPAA including information related to EDI, Privacy and Security. It will answer the basic questions of who, what and when for HIPAA: who must comply, when they must comply, what HIPAA compliance requires and a high level look at what an organization must do to comply. This session will also begin the process of looking more closely at the specifics of what HIPAA requires. It will present a high level summary of the requirements of the HIPAA rules on Transactions and Code Sets, Privacy, Security, and Identifiers.
The Impact of HIPAA on Your Organization
Description: This session will examine the impact of HIPAA on an organization. It will look at the whole spectrum of covered entities (payers, providers, clearinghouses) and vendors, allowing each entity to gain insight into the impact of HIPAA on the other industry stakeholders with which it interacts.
Compliance and Implementation Strategies: How Do I Get Started?
Description: This session will look at what an organization needs to do to begin implementation of the HIPAA requirements. It will include a discussion of strategies and options for compliance: use a clearinghouse, replace existing systems, or fix the systems. The session will also look at how to integrate HIPAA compliance with an organization’s overall e-Business strategies.
Section 2: HIPAA Privacy and Security Nuts and Bolts
Focus: Comprehensive information and discussion.
HIPAA Privacy: What Does It Require?
Description: This session will focus on the key concepts and requirements of the Privacy rule with which providers and staff will need to comply. From this session providers and staff will learn what privacy requirements apply to their organizations and what are the “next steps” to begin their compliance efforts.
HIPAA Security: What Does It Require?
Description: This session will focus on the key concepts and requirements of the Security rule. The session will detail not only the administrative, non-technical requirements of the proposed Security Rule but also will provide an explanation in layman’s terms of the rule’s technical requirements. The session will examine the scalable, flexible nature of the rule and what that means to different organizations.
Security & Privacy Intersections: When Security and Privacy MeetDescription: This session will look at those parts of the Privacy and Security rules that interact and overlap. Issues such as minimum necessary, need to know, audit trails, and access controls illustrate how closely the Privacy and Security rules interact.
HIPAA Privacy: Policies and Procedures
Description: This session will focus on the key areas of the Privacy and Security rules that require creation of policies and procedures to implement the requirements of the rules. While each organization must create its own policies and procedures, this session will help providers and staff understand what policies and procedures they will need to develop and the key components they should include.
HIPAA Audits + Enforcement
Description: HIPAA Audits + Enforcement is the new tip of the HIPAA iceberg. Despite the fact that OCR does not mean to frighten either covered entity and business associates they are doing a good job of it lately. Beginning in late October 2016 and not yet finished OCR has put out more guidance and seven (7) enforcement actions! Yikes! But OCR is not the only form of HIPAA privacy, and security enforcement. Don’t forget the HHS Office of Inspector General, the FDA, FTC, plus federal and states courts. From this session providers and staff will learn the outline of areas that need two be included in their yearly HIPAA self-audit and review.
Section 3: HIPAA EDI Transactions, Code Sets, Identifiers and Signatures
Focus: Comprehensive information and discussion.
HIPAA Identifiers: Provider, Employer, Payer
Description: This session will look at the standard identifier for provider, employer and payer, mandated by HIPAA and the impact on an organization’s workflow and system setup.
HIPAA Code Set Standards: Impact on Workflow and System
Description: This session will look at the code sets mandated by HIPAA and the impact on an organization’s workflow and system setup. HIPAA mandates specific codes that include not only clinical codes but administrative codes. Every organization is impacted and will have to determine how it will coordinate the transition from old to new codes as well as how to handle paper versus electronic transactions.
HIPAA Technical Standards: EDI Transactions
Description: This session will discuss the mandated EDI transactions, presenting an overview of each transaction and its impact on both the entities generating and receiving the transactions. It will look at some of the issues related to both the format and content of the transactions.
Electronic Signatures: What is Required?
Description: While electronic signatures are not mandated by HIPAA, proposed standards were included in the proposed Security rule. This session will discuss the electronic standards proposed for those entities that choose to implement electronic signatures.
Download Training Outline
Join HIPAAedu Today! Signup for free HIPAA webinars and training!