Healthcare Intelligence Network
Accountable Care Organizations
Best Sellers
Behavioral Healthcare
Bundled Payment
Care Coordination
Care Transitions
Case Management
Chronic Care Management
Coming Soon
Community Health
Cultural Diversity
Data Analytics
Diabetes Management
Disease Management
Dual Eligibles
Emergency Medicine
Health Literacy
Health Risk Assessments
Health Risk Stratification
Healthcare Reform
Healthcare Trends
HIN Benchmark Reports
HIN Case Studies
Home Health
Home Visits
Hospital Readmissions
Infection Control
Information Technology
Long-Term Care
Managed Care
Medical Home
Medical Neighborhood
Medical Practice
Medical Records
Medication Adherence
Nurse Management
Palliative Care
Patient Engagement
Patient Experience
Patient Registry
Pay for Performance
Physician Practice Transformation
Physician Organizations
Physician Quality Reporting Initiative
Population Health Management
Post-Acute Care
Predictive Modeling
Quality Improvement
Remote Patient Monitoring
Revenue Cycle Management
Social Health Determinants
Training DVDs
Value-Based Reimbursement
What's New
Subscribe to the Free
'Healthcare Business Weekly Update' e-Newsletter and receive the latest trends, news and analysis in healthcare.

Click here to view this week's issue
Home > Medical Records
Responding To Government Investigations Of Medical Privacy And Security Breaches
Responding To Government Investigations Of Medical Privacy And Security Breaches
Responding To Government Investigations Of Medical Privacy And Security Breaches
Be the first to review this item
Your Price:
Add to Wish List

Healthcare privacy and security practices are drawing substantial attention from enforcement agencies at all levels of government. That means organizations must develop effective procedures to respond to the almost inevitable visit or phone call from federal and state enforcement officials when they investigate patient and employee complaints.

As of July 31, the HHS Office for Civil Rights (OCR) received almost 14,500 privacy complaints under the HIPAA regulations and is receiving about 600 new complaints every month.

With the HIPAA security rule in effect, CMS established its own system for acting on complaints.

To meet these challenges, HHS has trained about 200 investigators on the regional level to pursue HIPAA complaints.

However, HIPAA is far from the only reason healthcare organizations should develop procedures for dealing with the inevitable call from government investigators. In addition to the more than 220 cases referred to the Justice Department for criminal prosecution, OCR confirmed that it is referring some privacy complaints to other regulatory agencies, including state human rights commissions, a variety of equal opportunity offices throughout government, the Department of Education, the Social Security Administration and the Department of Labor.

In other words, the HIPAA complaint system is drawing special attention to healthcare privacy and security practices and triggering investigations by local, state and federal enforcement agencies under other state and federal laws.

As important, growing concerns over identity theft are prompting tighter controls and higher accountability for all organizations - including healthcare - that handle personally identifiable information. That concern prompted the American Hospital Association recently to advise its members to review and modify their privacy practices to guard against the problem.

Virtually every state has adopted or is considering stronger privacy and security requirements to protect consumers and patients from identity theft. That means local police departments and the FBI are getting involved in data privacy and security breaches as well as state and federal healthcare regulators.

The threats of expanded investigations and civil suits over privacy and security breaches in healthcare are real and growing.


And don't let all your HIPAA work go to waste

Responding appropriately to government investigators in the privacy and security areas takes some thought and planning to avoid "fishing expeditions" and ensuring that your organization does not create new problems. Responding to Government Investigations of Medical Privacy and Security Breaches will detail the key issues and actions healthcare organizations should consider in responding to privacy and data security enforcement investigations.

Participants will be briefed on:

  • Planning for HHS HIPAA investigator visits and calls
  • Why privacy and security complaints may require different approaches
  • How and when privacy and security officers should coordinate responses
  • Dealing with complaints lodged against Business Associates
  • Who should be on an investigation response team
  • Establishing effective lines of communication between the organization and government enforcement officials
  • What employees should and should not do in responding to government investigators
  • What to do when employees lodge complaints
  • How CMS and OCR are coordinating enforcement of the HIPAA privacy and security rules
  • How other federal and state laws may affect your response to privacy and data security investigations and much more

Who Should Attend

  • Privacy Officers
  • Security Officers
  • CIOs
  • General Counsels
  • Healthcare Compliance Officers
  • Hospital Administrators
  • Practice Managers
  • IT Staff
  • HR Professionals
  • Healthcare Attorneys
  • Healthcare Consultants

Faculty With Real World Experience in Dealing with HIPAA Complaints

Richard Meeks is the University of Washington's HIPAA Compliance Officer where he also manages the HIPAA Program Office for the university's medical centers. His prior experience includes 11 years in Health Information Management where he held positions at both the University of Washington Medical Center and Harborview Medical Center.

John R. Christiansen is a principal in Christiansen IT Law, where he focuses on the implementation and management of healthcare information technology. In his practice, John has handled a wide variety of privacy and data security investigations for healthcare clients. He is also Co-Chair of the American Bar Association's Committee on Healthcare Privacy, Security and Information Technology and past Chair of its Healthcare Informatics Committee. His most recent book is An Integrated Standard of Care for Healthcare Information Security: HIPAA, Risk Management and Beyond (2005), the definitive legal treatise on security obligations applicable to healthcare information.

Publication Date: October 2005
Frequently Bought Together
Developing HIPAA Awareness and Training Programs for Your Staff
Developing HIPAA Awareness and Training Programs for Your Staff
Your Price: $50.00
3rd Annual Year-End Review of Medical Privacy, Security Enforcement
3rd Annual Year-End Review of Medical Privacy, Security Enforcement
Your Price: $260.00
Browse Similar Items

View/Hide options
Subtotal $0
Discount(s) [DISCOUNTS]

Apply Coupon

Calculate Shipping

[shipping_city] [shipping_state] [shipping_zip]
Stratifying High-Risk, High-Cost Patients: Benchmarks, Predictive Algorithms and Data Analytics

Copyright Healthcare Intelligence Network. All Rights Reserved. eCommerce Software by 3dcart.