What Does the Term "Reasonable and Appropriate" Mean under HIPAA? And How Do You Achieve It?


Jonathan P. Tomes , J.D., is Keynote Speaker at Compliance key Inc. He is a health care attorney practicing in the greater Kansas City. He is a nationally recognized authority and expert witness on the legal requirements for health information. Jon has written more than 60 books, including the following: How to Handle HIPAA and HITECH Act Breaches, Complaints, and Investigations: Everything You Need to Know; The Compliance Guide to HIPAA and the DHHS Regulations, now in its sixth edition, along with its accompanying HIPAA Documents Resource Center CD, ; Electronic Health Records: A Practical C........

Overview

The HIPAA Security Rule requires covered entities and business associates to implement "reasonable and appropriate" security measures to protect against improper access, use, or disclosure of Protected Health Information ("PHI"). The Rule, however, gives very little guidance as to what constitutes reasonable and appropriate security measures. This is probably a good thing because what is reasonable and appropriate for a small town dental practice will likely be wildly different from a celebrity mental health facility in Beverly Hills. The lack of guidance, however, makes compliance difficult because how does one know whether DHHS will agree that their security measure is reasonable and appropriate if you are audited or investigated. And if you are sued, will the plaintiff 's expert be able to testify that your security measures did not meet that standard and, hence, you were negligent and are liable for the potentially huge damages of a major breach.

Why should you attend this webinar?

If you are audited, investigated, or sued and found not to have reasonable and appropriate security measures, you could face civil money penalties, supervised Corrective Action Plans, bad publicity with concomitant loss of patients, lawsuit damage awards, and significant remediation costs.

Civil money penalties to date range from $50,000 to two in the $4 million range. A number of these have resulted from deficient security measures, such as a missing firewall, lack of adequate security to prevent unauthorized access, and the like.

Nor are these penalties reserved for large practices. Fines have been assessed against two-physician practices and a small hospice in North Dakota. Being not-for-profit provides no immunity, nor does being a government entity. Alaska Medicaid was fined $1.5 million;and a county government (Skagit County in Washington State), $215,000.

Areas Covered in the Session:

Who can Benefit:

Health Professionals and their staffs, Privacy and Security Officers, Medical Records Professionals, IT Professionals, Office Managers, Risk Managers, Business Associates of Covered Entities (those that provide a service for the Covered Entity involving the use of individually identifiable health information (transcription services, billing services, cloud storage companies, and the like), Healthcare Attorneys, Compliance Officers, HIPAA consultants.



Webinar Id: HIPJPTW006

Training Options:

Duration: 60 mins

 View anytime

 Recorded: [Six month unlimited access]

 $167 (Single Attendee)  $599 (Unlimited Attendee)

Refund Policy
Past Webinar of Jonathan P. Tomes
HIPAA Compliance Through Polic....
Presenter: Jonathan P. Tomes
6 months unlimited
Price: $167
The HIPAA Breach Notification ....
Presenter: Jonathan P. Tomes
6 months unlimited
Price: $167

More Webinar

Upcoming Webinar: Life Sciences and Healthcare
Applying Quality Risk Manageme....
Presenter: Danielle DeLucy
When: 05/24/2018 | 10:00 AM PT |01:00 PM ET
Price: $179
HIPAA Compliance Officer Train....
Presenter: Brian L Tuttle
When: 05/25/2018 | 10:00 AM PT |01:00 PM ET
Price: $179

More Webinar

Past Webinar: Life Sciences and Healthcare
3-hour virtual seminar: New Fi....
Presenter: Brian L Tuttle
6 months unlimited
Price: $393
Transportation Food Safety Sta....
Presenter: John Ryan
6 months unlimited
Price: $167

More Webinar

PayPal logo   PayPal Verified logo   godaddy logo
Copyright © 2018 Compliance Key. All Rights Reserved. Back to Top