How can a remote inspector develop rapport with witnesses and judge their credibility? When does the investigator need to ensure the authenticity of documents which are not present before them?
What notice and consent should be given to witnesses to inform them the remote investigation is being recorded for future use? Don’t investigators typically record in-person interviews anyway? Remote investigations may be cost-effective, but subject to lower quality results.
In addition, there are issues of getting paperwork and written documentation when interviewing people remotely. If you ask for such documentation remotely and in advance, they have time to forge that kind of paperwork.
Erase the uncertainty and doubt about best practices in remote inspections and investigations. In the age of remote working, how are these inspections and investigations done successfully?
Time: 1:00 pm - 2:00 pm (EST)
Reg. deadline: 06/14/2023
Venue: Live Webinar
This webinar covers the following objectives regarding remote telepractice in mental health care: Basics of HIPAA privacy as applied to telepractice of mental health; When work from home becomes practice and treatment from home; Current state of relaxed HIPAA enforcement for non-secure electronic patient communication; Samples of state licensure laws and the telepractice of mental health; National guidelines in mental health telepractice for compliance, and; Basic tips and techniques to defend your telepractice from privacy breaches and liability. Ten years’ worth of change in remote medicine has occurred in a matter of weeks due to the COVID-19 pandemic. Remote telepractice and mental health care have advanced in such a short time what had before taken many years. Both patients and practitioners are equally motived not to have face-to-face contact for therapy sessions. This advanced webinar governs current HIPAA and relaxed privacy standards as applied to telepractice when “work from home” becomes “practice from home” for mental health treatment. Even so, state confidentiality and telepractice laws continue in full force and effect. Samples of state licensure laws and telepractice rules are reviewed as well as national guidelines in mental health telepractice for compliance. Finally, you will learn basic tips and techniques to defend your telepractice from privacy breaches and liability.
In addition to known issues of facility inspections and investigations of licensure complaints, the continuing Covid-19 pandemic restrictions have curtailed those face-to-face contacts regarding in-person inspections and investigations of licensure violations. How can a remote inspector develop rapport with witnesses and judge their credibility? When does the investigator need to ensure the authenticity of documents which are not present before them? What notice and consent should be given to witnesses to inform them the remote investigation is being recorded for future use? Don’t investigators typically record in-person interviews anyway? Remote investigations may be cost-effective, but subject to lower quality results. In addition, there are issues of getting paperwork and written documentation when interviewing people remotely. If you ask for such documentation remotely and in advance, they have time to forge that kind of paperwork. Erase the uncertainty and doubt about best practices in remote inspections and investigations. In the age of remote working, how are these inspections and investigations done successfully?
The Problem Solved by this Webinar The HIPAA Rules require Covered Entities and Business Associates to do Risk Analysis and Risk Management (RA-RM) but do not explain how to do them. OCR consistently calls Risk Analysis the foundation of every HIPAA Compliance program. This webinar clearly explains how to follow OCR’s advice to use Risk Analysis – Risk Management procedures developed by the National Institute of Standards and Technology (NIST). We lay out each step of the NIST RA-RM process and show how they fall neatly in three parts concluding with an easy to follow demonstration. You will receive a handout illustrating all the steps. HIPAA RA-RM is easy to do step-by-step – when you know the steps. Key Points Organizations must identify and understand the unique Risks to the privacy and security of protected health information (PHI) they hold. Then – and only then – can they craft and implement policies, procedures and training to manage specific risks that endanger their PHI and the organization’s financial well-being and reputation. OCR regularly publishes Resolution Agreements following investigations of HIPAA violations by organizations due to Risks that should have been identified and could have been managed by a proper Risk Analysis. RA-RM failures by large and small organizations have caused the private health information of hundreds of millions of Americans to be stolen. On December 17, 2020 OCR published shocking results of its Phase 2 HIPAA Compliance Audits. OCR found: 86% of covered entities and 83% of business associates failed the Risk Analysis Audit and 94% of covered entities and 88% of business associates failed the Risk Management Audit. Each covered entity and business associate knew they were short-listed to be audited. OCR provided the exact questions they would be asked and the documents they would be required to show well in advance of the audit. Areas Covered in this Webinar OCR Guidance – Risk Analysis and integrated Risk Management process OCR Reliance on NIST Procedures – the standard for best practices NIST Sources – HIPAA RA-RM and NIST Risk Management Framework OCR Audit – National Crisis – Widespread Failure to do RA-RM Inexcusable, Unnecessary and Dangerous OCR/NIST HIPAA RA-RM Process explained simply – It’s just a 3 Act Play Act 1 – Setup – Risk Analysis Assemble Information – Identify, Document and Assess level of Risks Act 2 – Confrontation – Risk Management – Documented Actions to Manage Risks Act 3 – Resolution – Risk Management Program – Focused on your Organization’s Risks – Documented and Active How to do OCR/NIST RA-RM demonstrated Step-by-Step Why You Should Attend This Webinar Failure to do HIPAA RA-RM puts your organization in grave danger. This webinar will show you how to do a complete HIPAA RA-RM step-by-step and how easy it is to follow those steps when they are explained. You should attend this this webinar to learn why you must worry about not doing a HIPAA RA-RM properly – and how you can stop worrying by simply doing a HIPAA RA-RM as required every year. Who Will Benefit All Health Care Covered Entities Practice Managers – Covered Entities HIPAA Compliance Officials – Privacy and Security Officers Patient Engagement Officials Health Information Technology Supervisors Risk Managers – Covered Entities Health Care Providers practicing as individuals or in small groups Group Health Plan Administrators Third Party Group Health Plan Administrators Covered Entity Senior Management and Owners Attorneys for Covered Entities – In-house and Outside Counsel Compliance Committee – Covered Entity Board of Trustees C-Suite Executives – all Covered Entities Chief Compliance Officer – all Covered Entities All Business Associates including: Billing and Coding companies Practice Management Companies and IT Vendors Data Storage firms (electronic and paper) Secure and unsecure providers of PHI Email and Text Message services Vendors of patient satisfaction surveys Law Firms representing Health Care Providers & Business Associates
More than $135 million in HIPAA fines and penalties have been imposed since the HIPAA act was created. This webinar will closely examine actual HIPAA enforcement case examples to see what areas of HIPAA compliance were not clearly met. The goal is to help organizations try and avoid HIPAA data breaches. The webinar will cover what requirements organizations need to have in place and how to mitigate risk. If your organization is subject to an enforcement investigation, you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. Webinar Objectives Understanding HIPAA Security Rule requirements Who Must Comply with HIPAA Requirements? Who Enforces HIPAA? Enforcement Case Examples Learning from Other’s Mistakes What are the penalties and fines for non-compliance and how to avoid them? Being Prepared for a HIPAA Investigation Q&A Webinar Highlights Learn from an expert on how to avoid HIPAA fines and penalties. Find out what HHS Office for Civil Rights looks for as part of the investigative process. See if your organization’s HIPAA compliance program defensible. Who Should Attend Compliance Officer HIPAA Privacy Officer HIPAA Security Officer Medical/Dental Office Managers Practice Managers Information Systems Manager Chief Information Officer General Counsel/lawyer Practice Management Consultants Any Business Associates that access protected health information