Speaker: Jim Sheldon-Dean
                  Healthcare

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C. Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, bestselling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Course Description:

With the recent implementation of new HIPAA regulations in the HIPAA Omnibus Update, healthcare organizations are reviewing their compliance and making sure they have the proper policies, procedures, and forms in place. HIPAA Privacy Officers have been renewing their compliance activities and reviewing their documentation to make sure they can meet the challenges of the new rules and avoid breaches and penalties for compliance violations.

This 2 day session is designed to provide intensive, one and a half-day training in HIPAA Privacy Rule compliance, including what’s new in the regulations, what needs to change in your organization, and what needs to be addressed for compliance by covered entities and business associates. The session provides the background and details for any healthcare information privacy officer to know what the most important privacy issues are, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement, and how Privacy regulations relate to Security and Breach regulations will be explained, as well as responding to privacy and security breaches and ways to prevent them. Numerous references and sample documents will be provided.

Reasons to attend:

Almost any healthcare-related business needs to be in compliance with the HIPAA rules, and not just providers and health plans anymore. Now the rules apply to all kinds of businesses that may create, receive, maintain, or transmit Protected Health Information. And the recent HIPAA Omnibus Update has focused new attention on the policies and procedures already in place at providers and insurers, such that the person responsible for HIPAA compliance is expected to know the rules, what's changing, and how their policies and forms need to change.

Being the HIPAA Privacy Officer is a job with a lot of responsibility, especially with the new increased penalties for violations and enhanced enforcement and audit programs. There are new patient rights and new limits on covered entities that change how you handle certain disclosures. Now more than ever, making mistakes in HIPAA compliance can lead to significant enforcement actions and fines in millions of dollars.

If you are the HIPAA Privacy Officer in your organization, you need to know what policies and procedures, and documentation, you need to have in place so you can answer questions from staff and individuals, make sure your office is using the right forms and notices, and respond to any incidents or compliance investigations. You will be the one that patients complain to if they don’t like the way you handle their data. You will be the one to reply if the US Department of Health and Human Services decides to ask you some questions about an incident, or if you get selected for a random audit.

This session will explain what HIPAA is, what the rules are and how they work. We will show what kind of documentation you need to have and how you can maintain it, as well as how compliance is audited and enforced. We will help you know what to expect from your patients and how staff may react to new policies and procedures, so you can be prepared for each day’s new HIPAA experiences.

Target Audience:

Compliance Director, CEO, CFO, Privacy Officer, Security Officer, Information Systems Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Healthcare Counsel/lawyer, Office Manager, Contracts Manager – at – Medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc.)

[Click Hear for Agenda]

Agend: