Is OCR becoming a tougher HIPAA privacy and security cop?

If it is, where should healthcare compliance be focused?

Recent enforcement actions by the OCR have led some to suggest that the agency is getting more aggressive in its enforcement of HIPAA privacy and security regulations.

In February, the agency imposed a $4.3 million penalty on Cignet Health of Prince George's County, MD for violating the HIPAA privacy rule – the first civil monetary penalty under the HIPAA privacy rules ever. That was followed by a $1 million resolution agreement with Massachusetts General Hospital to settle potential HIPAA privacy rule violations.

The thought that OCR is becoming more aggressive was further fueled by the Obama Administration’s request for an increase in OCR’s HIPAA 2012 budget. However, in its budget request, OCR still relies heavily on voluntary compliance and acknowledges that it has very limited funds – even if gets more money.

• Do these incidents represent a crackdown on HIPAA enforcement or is something else going on?

• Was Cignet simply foolish to be first one slapped with a HIPAA civil penalty?

• Was the $1 million resolution agreement with Massachusetts General a sign of things to come?

• How will OCR use the fines from HIPAA enforcement actions?

To put the latest HIPAA enforcement actions into perspective and help healthcare organizations identify areas where they may be vulnerable, Melamedia, LLC, publishers of Health Information Privacy/Security Alert is producing a 90-minute webinar:

Putting HIPAA Medical Privacy and Security Enforcement in Perspective
Friday, March 25, 2011
1 pm -2:30 pm Eastern

Participants will be briefed on

• The enforcement implications of OCR’s 2012 Budget request;

• Practical compliance lessons from OCR’s actions against Cignet Health and Massachusetts General;

• The distinctions between HITECH breach violations and HIPAA privacy and security violations and what they mean to health care organizations;

• How EHR Meaningful Use Rules are affecting privacy and security enforcement and compliance;

• Ways OCR may use the $4.3 million fine from Cignet Health and the $1 million from Massachusetts General;
   

SPECIAL OFFER

To get a more thorough understanding of the latest enforcement trends,  registrants and CD purchasers of the March 25 webinar may order the CD recording and materials from our webinar:

7th Annual Review of Medical Privacy & Security Enforcement  

for only $89 - a $200 savings

 

Click Here for the Special Order Form

WHO SHOULD LISTEN

• C-Level Healthcare Executives
• Privacy and Security Officers
• Hospital Compliance Executives
• HIM Professionals
• Healthcare Payers
• Fraud & Abuse Professionals
• Human Resources Executives
• HIPAA Business Associates 

• EHR & HIT Professionals
• Personal Data Collection Companies
• Research Administrators
• Benefits Managers
• State and Federal Government Policymakers
• Drug & Device Manufacturers
• HR Professionals
• Healthcare Attorneys & Consultants

THE FACULTY

Deven McGraw is the Director of the Health Privacy Project at CDT, where she focuses on developing and promoting policies that ensure individual privacy as personal health information is shared electronically. Ms. McGraw is active in efforts to advance the adoption and implementation of health information technology and electronic health information exchange to improve health care. She serves on the Health Information Technology (HIT) Policy Committee, a federal advisory committee established in the American Recovery and Reinvestment Act of 2009, and co-chairs its Information Exchange Workgroup. She also serves on the Leadership Council of the eHealth Initiative and is on the Steering Group of the Markle Foundation’s Connecting for Health multi-stakeholder initiative.

David S. Szabo is a partner in the national law firm, Edwards Angell Palmer & Dodge, where he practices in the healthcare and privacy practice groups. He represents hospitals, integrated delivery systems, home care companies, and other healthcare service providers. He also represents healthcare information technology companies and life sciences companies. David organized the first regional healthcare information exchange organization in Massachusetts, and recently helped it complete a merger to create a comprehensive health information exchange organization that serves the leading hospitals, health plans and medical groups in Massachusetts.

Dennis Melamed, Mr. Melamed is editor and publisher of Health Information Privacy/Security Alert. He  is an adjunct professor at the Drexel College of Medicine where he teaches separate courses on health data stewardship and federal regulation of biomedical research. He is also an occasional consultant on health data stewardship issues and has done work for a number of organizations, including the National Governors Association's State Alliance for E-Health, where he has co-authored two studies of privacy and security issues affecting HIE.

CONTINUING EDUCATION CREDITS

• All seminar participants will receive a certificate of participation

•  1.5 IAPP Credits for both event and CD

ORDERING INFORMATION

• Registration with CD recording of event and all background materials: $359
   
• Registration alone with all background materials: $279

ORDER AT WWW.MELAMEDIA.COM
 or download the form at www.melamedia.com/03.25.11.Order.Form.pdf
and fax it to 703.619.4912

CD ORDERING

The CD recording with all course materials are excellent educational and briefing resources: $289

Download the form at www.melamedia.com/03.25.11.Order.Form.pdf
and fax it to 703.619.4912  

TRACK HIPAA ENFORCEMENT FOR FREE

Health Information Privacy/Security Alert offers free updates on HHS's efforts to enforce the HIPAA privacy and security regulations. The statistics include privacy complaints lodged with the Office for Civil Rights and security and transaction complaints lodged with CMS Office for Electronic Health Standards and Services.

CLICK HERE To receive the HIPAA Enforcement Statistics Update Service