New Healthcare Breach Notification Law
Expands Responsibilities Well Beyond HIPAA.

Seminar Details Policies and Procedures Needed to Meet New Requirements

( Feb. 26, 2008)

All organizations that have patient or employee health data now face new requirements to protect those records and notify individuals if breaches occur. A California law that went into effect Jan. 1 affects all organizations and covers breaches of personal records that include health information.

This is more than a HIPAA issue because it makes no distinction among those who are covered by the federal privacy and security rules and those who are not. It covers all organizations. California will not be alone for very long as many states already are looking closely at adopting similar requirements.

While healthcare organizations with HIPAA compliance plans have an advantage in dealing with the new requirements, they still will have to adjust and strengthen their compliance plans to meet the new responsibilities.

The California law puts a heavy new emphasis on incident response, breach notification and mitigation programs. But it doesn't end there.

Healthcare organizations must take a new and hard look at their Business Associate agreements as vendors represent a special area of risk.

Electronic health record and personal health record companies will come under new pressure to establish compliance plans and demonstrate their effectiveness to their clients. Again, the California law affects any organization that has personal health information.

Employers also will be under the gun because they maintain a lot of health information for many reasons, such as workers compensation, fitness for duty assessments, and medical leave.

Health Information Privacy/Security Alert's 90-minute seminar

Complying with New Health Data Breach Laws

is a must for all organizations handling medical information.

PARTICIPANTS WILL BE BRIEFED ON:

  • The Implications Of The California Medical Information Breach Notification Law ;
  • Policies Defining And Prioritizing Security Incidents;
  • Policies Governing Business Associates;
  • Policies Defining The Responsibilities Of A Security Incident Response Team;
  • Policies For Internal Reporting Of Breaches;
  • Time Tables For Responding To Incidents Based On Their Severity;
  • Integrating New Policies Into Existing Compliance Plans;
  • Factors To Consider In Executing A Breach Notification To Patients And Other Affected Individuals;
    and much more.

FACULTY

Chris Apgar, CISSP. President, Apgar & Associates, LLC; former HIPAA Compliance officer for Providence Health Plans in Oregon and SW Washington; member of the WEDI Board of Directors; member of the HHS-funded health information exchange initiative, Health Information Security and Privacy Collaborative to develop national privacy & security solutions in electronic health information exchange within and between states

John Christiansen, JD. Co-Chair of the American Bar Association's Committee on Healthcare Privacy, Security and Information Technology; and a member of the technical expert advisory panel for the HHS-funded Health Information Security and Privacy Collaboration; principle, Christiansen IT Law.

Dennis Melamed, M.A. Editor/Publisher, Health Information Privacy/Security Alert; Adjunct Professor, Drexel College of Medicine.

WHO SHOULD ATTEND:

  • Privacy Officers
  • Security Officers
  • All Business Associates
  • Senior Healthcare Executives
  • All HR Professionals, Regardless Of Industry
  • Healthcare Insurers
  • HIM Professionals
  • EHR & PHR Professionals
  • Healthcare Providers
  • Research Administrators
  • Biomedical Product Manufacturers
  • Healthcare Attorneys And Consultants

ORDERING INFORMATION:

Download the form at www.melamedia.com/022608.order.form.pdf and fax it to 703.619.4912

CD set w/course materials: $275.

Contact: Dennis Melamed dmelamed@melamedia.com 703.704.5665