Washington, DC (PRWEB) January 24, 2013
Last week, HHS’s Office for Civil Rights released long-awaited privacy and security regulation implementing HITECH Act provisions. To explain it all, Atlantic Information Services, Inc., publisher of industry-leading newsletters “Report on Medicare Compliance” and “Report on Patient Privacy,” is pleased to announce “New Final Regulations Reinvent HIPAA Compliance: What Do They Mean for Hospitals and Other Covered Entities, Business Associates and ‘Subcontractors’?” an upcoming two-part series of webinars highlighting what organizations need to know about these extraordinary new final regulations, and offering practical strategies for patient privacy and data security compliance.
The newly released 563-page omnibus regulation triggers radical changes in many of the HIPAA/HITECH requirements with which covered entities (CEs) and business associates (BAs) must comply, transforming the relationship between CEs and BAs, spelling out the new HIPAA compliance obligations of BAs and — for the first time — regulating a new type of HIPAA entity: “subcontractors.” The rule also requires modifications and a redistribution of the Notice of Privacy Practices, finalizes the enforcement regulation, prohibits health plans from using genetic information for underwriting, includes new provisions for patient authorizations for research, adds new restrictions related to marketing and fundraising, and, in one of the highlights of the rulemaking, replaces the controversial “harm” standard in breach notification rules with a four-step determination as to whether notification is required.
Leading both sessions will be veteran HIPAA attorney Reece Hirsch of Morgan, Lewis & Bockius LLP. The webinars will run 90 minutes, each with a 60-minute presentation followed by a 30-minute concluding question-and-answer period. The Feb. 12 webinar will explain what the regulations mean for business associates/subcontractors, specifically:
- The new obligations and liabilities of BAs
- Changes to the liability of CE and CE/BA relationships
- Who are “subcontractors” and what are their new HIPAA obligations
- How CEs and BAs now should contract with/oversee subcontractors
- The changes that should be made in a CE’s BA agreements
- What to do in case of a breach at BA and subcontractor levels
The Feb. 13 webinar will be devoted to the wide range of new patient privacy and data security requirements:
- The major revision to the definition of a “breach”
- The new risk assessment standard that replaces the “harm” standard
- Required revisions to the Notice of Privacy Practices
- New restrictions on the “sale” of PHI without an individual’s authorization
- New rules for research authorizations
- New rules for the protection of genetic information and its use by health plans
- Revisions to rules for use and disclosure of PHI
- Revisions to an individual’s right to access and request restrictions
- Changes to the fundraising opt-out and disclosures for fundraising
- Expanded protection for the PHI of decedents
- Stronger enforcement of HIPAA/HITECH violations and imposition of penalties
Additionally, attendees of both webinars can save 25% by entering coupon code “25OFF” at checkout. For more information on this instructive webinar series about the new HIPAA/HITECH regulations, visit http://aishealth.com/marketplace/hipaa-webinars.
Atlantic Information Services, Inc. (AIS) is a publishing and information company that has been serving the health care industry for more than 25 years. It develops highly targeted news, data and strategic information for managers in hospitals, health plans, medical group practices, pharmaceutical companies and other health care organizations. AIS products include print and electronic newsletters, websites, looseleafs, books, strategic reports, databases, webinars and conferences. Learn more at http://www.AISHealth.com.