Date and Time

November 30, 2022
2:00-3:00 PM ET

Speakers

Barbara Carr, RHIA
Strategic Advisor
Verisma

Category

Information Protection; Access, Disclosure, Privacy and Security

Presentation Content

The information blocking definition of electronic health information (EHI) includes the entire scope of electronic protected health information (ePHI) that is or would be in a Designated Record Set (DRS). Prior to October 6, 2022, the definition of information blocking was focused only on the subset of EHI that is represented by elements in the United States Core Data for Interoperability (USCDI) v1. As of October 6, 2022, all EHI falls within the scope of the information blocking definition.

What is and what is not EHI for purposes of information blocking regulations? In this presentation you will hear from experts with the ONC (Office of the National Coordinator for Health IT) on what EHI is and how its definition relates to but differs from the definition of ePHI under the HIPAA Rules. Learn about current information blocking policy and what healthcare organizations and providers should bear in mind specific to information blocking regulations as they review and update their technical capabilities and workflows in context of their DRS to ensure they are sharing EHI consistent with all applicable laws.

Learning Outcomes

1. Understand how EHI is an important part of the information blocking definition.
2. Learn how to identify what is and what is not EHI.
3. Learn more about how information blocking policy recognizes the importance of maintaining cybersecurity of your health IT and of respecting patients’ privacy rights and preferences.

Reference List

HHS Office of the National Coordinator for Health Information Technology.

Understanding Electronic Health Information (EHI)

Information Blocking Exceptions

Information Blocking FAQs

Category:
Information Protection; Access, Disclosure, Privacy and Security (for CEU certificate)

Presenters:
Barbara Carr, , RHIA, Verisma Advisor, Former AVP of Health Information Management at Einstein Healthcare Network
Jim Staley, CISSP, Verisma’s Chief Information Security Officer

Presentation Content:
As healthcare providers continue to improve their own security, attackers are more frequently targeting third parties, vendors, and suppliers who provide services to healthcare companies. To make matters worse, they are also attacking not only your vendors, but also your vendor’s vendors! The idea that “you’re only as strong as the weakest link in the chain” has never been more true.

In this presentation you will hear from Verisma’s Chief Information Security Officer as he will share his risk management expertise and provide real world examples of third (and even fourth or fifth!) party attacks as well as software “supply chain” attacks. He’ll review what the “standards of care” are for third party management, decipher some of the ling around third party certifications, and provide some concrete “do’s and don’ts” for managing third-party risk.

Learning Outcomes:

1. Understand why managing third party risk is more important than ever before.
2. Understand the differences between third party attacks, “nth” party attacks, and “supply chain” attacks.
3. Learn what different security frameworks and vendor certifications mean and what level of assurance they provide.
4. Learn what’s important, what’s not important, and what things can even be counter-productive, when creating or participating in a third-party risk management process.

Reference List:

SOC 1, SOC 2 (type I and type II), SOC 3

HITRUST

ISO/IEC 2700

NIST 800-53

HHS Guidance on Risk Analysis

Category:
Information Protection; Access, Disclosure, Privacy and Security

Presenters:
Timothy Noonan
Deputy Director for Health Information Privacy
Office of Civil Rights

Presentation Content:

Hear directly from the Deputy Director for Health Information Privacy at OCR on the latest news and trends related to HIPAA.  A lot has been happening over the last year with the announcement of the NPRM regarding HIPAA changes.  Comments have been received and are currently under review by OCR.

Hear about other updates on OCR rulemaking and guidance that directly impacts your HIM release of information operations.  Learn about the recent trends in breach reporting to OCR and what you can do to make sure your organization stays clear of being reported to OCR.   Mr. Noonan will also inform the attendees of recent HIPAA settlements and civil monetary penalties.

Attending this very informative webinar will help you learn where things are and where they are going under HIPAA and how to keep your organization compliant. 

Learning Outcomes:

1. Understand about OCR rulemaking and learn how this directly impacts you in HIM.
2. Learn the latest trends in breach reporting and how to avoid a breach in your organization.
3. Understand what the latest HIPAA settlements are and how they could have been avoided.

Date: May 18, 2:00 – 3:00 PM EDT

Presenters:

Mercy del Rey
Assistant Vice President/Chief Privacy Officer, Baptist Health South Florida

Barbara Carr, RHIA
HIM Advisor, Verisma Systems, Inc.

The 21^st Century Cures Act’s goal of increasing information sharing and enabling patients to have their healthcare data delivered conveniently to their computers, cell phones, and mobile applications has increased privacy and security worries for many healthcare organizations. Having the right data security in place to enable information sharing is forefront, the opening up of access and sharing has also increased the volume of patients’ requests to amend their healthcare information.

Baptist Health South Florida is a large multi-facility health system in South Florida that treats over 1.5 million patients per year.  Hear from Mercy Del Ray, Baptist’s VP and Chief Privacy Officer, how Baptist Health protects patient privacy and patient rights and what processes they have implemented to handle the increased patient requests for amendments.

Learning Objectives:

• Learn from Baptist Health South Florida experience on how they have met the demands and are processing requests for amendments.   

• Learn how centralizing the amendment process has benefited the healthcare organization and patients.

Pre-Approved for 1 AHIMA CEU Credit.

REGISTER TODAY