SlideShare une entreprise Scribd logo

Dental Compliance for Dentists and Business Associates

Télécharger en tant que PPTX, PDF
gppcpa
gppcpa

This presentation will discuss covered entities, protected health information (PHI) as it relates to dental practices and business associates of those practices.It will update you on major legislation relating to patient privacy laws and explain why PHI Information is important and the consequences for non-compliance with state and federal laws.

TechnologieBusiness
1  sur  38
For Free compliance tips join our list! www.DentalCompliance.com
Neither of these guys are licensed peace officers, attorneys, or dentists…. they‟re not very funny either!
After completing this presentation participants should be able to: Define Covered Entity, Protected Health Information and Business Associates Identify major legislation regarding patient privacy laws in Texas Explain why protecting Protected Health Information is important and consequences for non-compliance with state and federal laws Sketch out a plan to achieve compliance for their organizations
HIPAA Privacy HIPAA Security HB 300 (Texas Medical Privacy Act) HITECH
Took effect on April 1st, 2003 First major regulation in recent years to control fraud, waste and abuse of government programs Mandated mechanisms for exchange of information between healthcare clearinghouses, health plans and providers.
Took effect in 2009 Provided Federal money for providers to help incorporate EHR into health care practices Recognized the majority of data breaches was by Business Associates and there were (previously) no accountability to enforce HIPAA provisions over unlicensed BA‟s
Took effect on 09/01/2012 Re-defined “Protected Health Information” Expanded definition of “Covered Entity” to include entities that come into possession of, obtain, assemble, collect, analyze, evaluate, store or transmit PHI.
Expanded privacy and security mandates on covered entities such as: Employee training (within 60 days of hire and every 2 years) Patient access to electronic health records (EHRs) (15 days) Identifies state agencies that regulate covered entities and the agency‟s compliance enforcement process (Office of Attorney General for non-licensed C.E.‟s)
Consumer Information Website Prohibits sale or disclosure of PHI Consumer Notice and Authorization Required for Electronic Disclosure of PHI Fines and penalties include civil and criminal remedies for non- compliance
American Recovery and Reinvestment Act of 2009 (ARRA) became federal law on February 12, 2009. HITECH is part of that law. The goal of HITECH is to enhance and expand the HIPAA Privacy Rule and Security Rules. The HITECH Act not only makes privacy regulations more strict, but it also gives more power to federal and state authorities to enforce privacy and security protections for resident information and data.
It increases HIPAA‟s patient rights regarding control over their PHI (medical information) It limits the use of PHI for marketing purposes It mandates breach (unauthorized access or loss of PHI) notification It also extends a lot of the same requirements to those business associates outside of our company to whom we give PHI so they can do their jobs.
Published January 25th, 2013 Expands the definition of Business Associates - now include entities that “maintain” PHI, in addition to those that create, receive, or transmit PHI for a function or activity such as claims processing or administration, data analysis, utilization review, quality assurance, patient safety activities, billing, benefit management, practice management, and re-pricing. The definition extends fully to subcontractors of BAs who perform these functions.
Solidifies that BAs are directly liable for compliance with HIPAA. Under the new rules, BAs are statutorily liable for violations of the HIPAA security rules. They are also subject to the same HIPAA privacy restrictions as covered entities. This includes requirements that BAs create and implement HIPAA privacy and security policies and procedures in relation to the handling of PHI of a covered entity. BAs may be subject to compliance reviews by the federal Department of Health and Human Services (HHS).
Require BAs to report to the covered entities breaches of unsecured PHI. Breach is the unauthorized access of PHI by unintended or unauthorized persons or entities.
As per HB 300 and HITECH Final Rule: Basically, all persons or entities who receive, possess, or generate protected health information (PHI) or who store and „could potentially‟ access PHI
Individually Identifiable Health Information (including demographic data, that relates to: The individual‟s past, present or future physical or mental health or condition; The provision of health care to the individual, or The past, present, or future payment for the provision of health care to the individual
EXAMPLES: Names, Addresses, Date and place of birth, Race, Marital Status, Phone numbers, Fax numbers, Email addresses, Social Security numbers, Medical record numbers, Health insurance beneficiary numbers, Account numbers, Certificate/license numbers, Vehicle identifiers and serial numbers, including license plate numbers, Device identifiers and serial numbers, Web URLs, IP address numbers, Biometric identifiers (including finger, retinal and voice prints), Full face photographic images and any comparable images
Required (R) means that complying with the given standard is mandatory and, therefore, must be complied with. Addressable (A) means that the given standards must be implemented by the organization unless assessments and in depth risk analysis conclude that implementation is not reasonable and appropriate specific to a given business setting. Important Note: Addressable does not mean optional.
Safeguard documents and communications involving PHI (oral, written and otherwise) Shred or definitively destroy documents that are no longer needed Notify Covered Entities if any information has been breached Have written policies and procedures to account for this information See HIPAA Privacy summary for additional
Risk Analysis: (R) Perform and document a risk analysis to see where PHI is being used and stored and to determine what all possible ways HIPAA could be violated are Risk Management: (R) Implement measures sufficient to reduce these risks to an appropriate level. Sanction Policy: (R) Implement sanction policies for employees who fail to comply. Information Systems Activity Reviews: (R) Regularly review system activity, logs, audit trails, etc. Officers: (R) Designate HIPAA Security and Privacy Officers
Employee Oversight: (A) Implement procedures to authorize and supervise employees who work with PHI, and for granting and removing PHI access to employees. Ensure that an employee‟s access to PHI ends with termination of employment. Multiple Organizations: (R) Ensure that PHI is not accessed by parent or partner organizations or subcontractors that are not authorized for access. ePHI Access: (A) Implement procedures for granting access to ePHI and which document access to ePHI or to services and systems which grant access to ePHI. Security Reminders: (A) Periodically send updates and reminders of security and privacy policies to employees.
Protection against Malware: (A) Have procedures for guarding against, detecting, and reporting malicious software. Login Monitoring: (A) Institute monitoring of logins to systems and reporting of discrepancies. Password Management: (A) Ensure there are procedures for creating, changing, and protecting passwords. Response and Reporting: (R) Identify, document, and respond to security incidents. Contingency Plans: (R) Ensure there are accessible backups of ePHI and that there are procedures for restore any lost data.
Contingency Plans Updates and Analysis: (A) Have procedures for periodic testing and revision of contingency plans. Assess the relative criticality of specific applications and data in support of other contingency plan components. Emergency Mode: (R) Establish (and implement as needed) procedures to enable continuation of critical business processes for protection of the security of electronic protected health information while operating in emergency mode. Evaluations: (R) Perform periodic evaluations to see if any changes in your business or the law require changes to your HIPAA compliance procedures. Business Associate Agreements: (R) Have contracts with business partners who will have access to your PHI to ensure that they will be compliant.
Contingency Operations: (A) Establish (and implement as needed) procedures that allow facility access in support of restoration of lost data under the disaster recovery plan and emergency mode operations plan in the event of an emergency. Facility Security: (A) Implement policies and procedures to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft. Access Control and Validation: (A) Implement procedures to control and validate a person‟s access to facilities based on their role or function, including visitor control, and control of access to software programs for testing and revision. Maintenance Records: (A) Implement policies and procedures to document repairs and modifications to the physical components of a facility which are related to security
Workstations: (R) Implement policies governing what software can/must be run and how it should be configured on systems that provide access ePHI. Safeguard all workstations providing access to ePHI and restrict access to authorized users. Devices and Media Disposal and Re-use: (R) Create procedures for the secure final disposal of media that contain ePHI and for the reuse of devices and media that could have been used for ePHI. Media Movement: (A) Record movements of hardware and media associated with ePHI storage. Create a retrievable, exact copy of electronic protected health information, when needed, before movement of equipment.
Unique User Identification: (R) Assign a unique name and/or number for identifying and tracking user identity. Emergency Access: (R) Establish (and implement as needed) procedures for obtaining necessary electronic protected health information during an emergency. Automatic Logoff: (A) Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity. Encryption and Decryption: (A) Implement a mechanism to encrypt and decrypt electronic protected health information when deemed appropriate.
Audit Controls: (R) Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information. ePHI Integrity: (A) Implement policies and procedures to Protect electronic protected health information from improper alteration or destruction. Authentication: (R) Implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed. Transmission Security: (A) Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.
Create, revise, and/or implement HIPAA policies and procedures. Diligently pursue HIPAA-compliant policies and procedures as they relate to HIPAA security and privacy requirements.
Ensure you have Business Associate agreements on file with the Covered Entities whose patients’ PHI you have access to. Ensure you have BA agreements with covered entity clients, as well as with subcontractors to whom it delegates BA functions (consider relationships with lenders, transition specialists, practice management, attorneys, other vendors).
For you and ALL employees or persons for whom you are responsible receive training as required: within 60 days of beginning new employment, and; every two years Training must include State and Federal requirements
This presentation is NOT comprehensive and is only intended as a high-level overview of information relevant to Covered Entities and Business Associates. My team and I are happy to provide you with additional information or you can surf the Internet at: http://www.hhs.gov/ocr/privacy/hipaa/administrative/statute/index.html
Duane Tinker traded his gun and badge for a clipboard and classroom to inform and teach Dental professionals how to stay off the radar and out of the news! As President & CEO of Dental Compliance Specialists, LLC -- a company specializing in Dental office regulatory compliance – he has taken his expertise as a former law enforcement officer responsible for investigating criminal and civil complaints against practices and now uses this knowledge to assist Dental professionals in avoiding these legal pitfalls. He is a much sought-after speaker and consultant and a member of the Speaking Consulting Network. In this pursuit, today his passion is all about helping beleaguered oral healthcare providers find justice!

Recommandé

HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessmentdata brackets
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceJim Anfield
 
Hipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized ReportHipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized Reporttbeckwith
 
EHR meaningful use security risk assessment sample document
EHR meaningful use security risk assessment sample documentEHR meaningful use security risk assessment sample document
EHR meaningful use security risk assessment sample documentdata brackets
 
HIPAA and How it Applies to You
HIPAA and How it Applies to YouHIPAA and How it Applies to You
HIPAA and How it Applies to YouWinston & Strawn LLP
 
HIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-WongHIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-WongLorianne Sainsbury-Wong
 
Application Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceApplication Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceTrueVault
 
Avior Healthcare Security Compliance Webcast Final1
Avior Healthcare Security Compliance Webcast Final1Avior Healthcare Security Compliance Webcast Final1
Avior Healthcare Security Compliance Webcast Final1jhietala
 

Recommandé

HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessmentdata brackets
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceJim Anfield
 
Hipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized ReportHipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized Reporttbeckwith
 
EHR meaningful use security risk assessment sample document
EHR meaningful use security risk assessment sample documentEHR meaningful use security risk assessment sample document
EHR meaningful use security risk assessment sample documentdata brackets
 
HIPAA and How it Applies to You
HIPAA and How it Applies to YouHIPAA and How it Applies to You
HIPAA and How it Applies to YouWinston & Strawn LLP
 
HIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-WongHIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-WongLorianne Sainsbury-Wong
 
Application Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceApplication Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceTrueVault
 
Avior Healthcare Security Compliance Webcast Final1
Avior Healthcare Security Compliance Webcast Final1Avior Healthcare Security Compliance Webcast Final1
Avior Healthcare Security Compliance Webcast Final1jhietala
 
Assessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA ComplianceAssessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA ComplianceHostway|HOSTING
 
HIPAA 101 for Startups
HIPAA 101 for StartupsHIPAA 101 for Startups
HIPAA 101 for StartupsObaa, Inc.
 
Role-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic ApproachRole-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic ApproachEMC
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for DevelopersTrueVault
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rssupportc2go
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliancePrince George
 
You and HIPAA - Get the Facts
You and HIPAA - Get the FactsYou and HIPAA - Get the Facts
You and HIPAA - Get the Factsresourceone
 
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin, Inc.
 
Hipaa checklist for healthcare software
Hipaa checklist for healthcare softwareHipaa checklist for healthcare software
Hipaa checklist for healthcare softwareConcetto Labs
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeMedSafe
 
Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2Compliancy Group
 
Hipaa for business associates simple
Hipaa for business associates simpleHipaa for business associates simple
Hipaa for business associates simpleJose Ivan Delgado, Ph.D.
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMBMeHealthCareSolutions
 
Hhs issues hipaa cyber attack response checklist
Hhs issues hipaa cyber attack response checklistHhs issues hipaa cyber attack response checklist
Hhs issues hipaa cyber attack response checklistTodd LaRue
 
RiskWatch for HIPAA Compliance™
RiskWatch for HIPAA Compliance™RiskWatch for HIPAA Compliance™
RiskWatch for HIPAA Compliance™CPaschal
 
HIPAA Security Audits in 2012-What to Expect. Are You Ready?
HIPAA Security Audits in 2012-What to Expect. Are You Ready?HIPAA Security Audits in 2012-What to Expect. Are You Ready?
HIPAA Security Audits in 2012-What to Expect. Are You Ready?Redspin, Inc.
 
Protecting ePHI: What Providers and Business Associates Need to Know
Protecting ePHI: What Providers and Business Associates Need to KnowProtecting ePHI: What Providers and Business Associates Need to Know
Protecting ePHI: What Providers and Business Associates Need to KnowNetwork 1 Consulting
 
HIPAA Security 2019
HIPAA Security 2019HIPAA Security 2019
HIPAA Security 2019Jose Ivan Delgado, Ph.D.
 
HIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesHIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesNisos Health
 
Cyberinsurance 111006
Cyberinsurance 111006Cyberinsurance 111006
Cyberinsurance 111006JNicholson
 
Discharging federal taxes in bankruptcy presentation
Discharging federal taxes in bankruptcy presentationDischarging federal taxes in bankruptcy presentation
Discharging federal taxes in bankruptcy presentationgppcpa
 
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...Vall d'Hebron Institute of Research (VHIR)
 

Contenu connexe

Tendances

Assessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA ComplianceAssessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA ComplianceHostway|HOSTING
 
HIPAA 101 for Startups
HIPAA 101 for StartupsHIPAA 101 for Startups
HIPAA 101 for StartupsObaa, Inc.
 
Role-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic ApproachRole-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic ApproachEMC
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for DevelopersTrueVault
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rssupportc2go
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliancePrince George
 
You and HIPAA - Get the Facts
You and HIPAA - Get the FactsYou and HIPAA - Get the Facts
You and HIPAA - Get the Factsresourceone
 
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin, Inc.
 
Hipaa checklist for healthcare software
Hipaa checklist for healthcare softwareHipaa checklist for healthcare software
Hipaa checklist for healthcare softwareConcetto Labs
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeMedSafe
 
Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2Compliancy Group
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMBMeHealthCareSolutions
 
Hhs issues hipaa cyber attack response checklist
Hhs issues hipaa cyber attack response checklistHhs issues hipaa cyber attack response checklist
Hhs issues hipaa cyber attack response checklistTodd LaRue
 
RiskWatch for HIPAA Compliance™
RiskWatch for HIPAA Compliance™RiskWatch for HIPAA Compliance™
RiskWatch for HIPAA Compliance™CPaschal
 
HIPAA Security Audits in 2012-What to Expect. Are You Ready?
HIPAA Security Audits in 2012-What to Expect. Are You Ready?HIPAA Security Audits in 2012-What to Expect. Are You Ready?
HIPAA Security Audits in 2012-What to Expect. Are You Ready?Redspin, Inc.
 
Protecting ePHI: What Providers and Business Associates Need to Know
Protecting ePHI: What Providers and Business Associates Need to KnowProtecting ePHI: What Providers and Business Associates Need to Know
Protecting ePHI: What Providers and Business Associates Need to KnowNetwork 1 Consulting
 
HIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesHIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesNisos Health
 
Cyberinsurance 111006
Cyberinsurance 111006Cyberinsurance 111006
Cyberinsurance 111006JNicholson
 

Tendances (20)

Assessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA ComplianceAssessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA Compliance
 
HIPAA 101 for Startups
HIPAA 101 for StartupsHIPAA 101 for Startups
HIPAA 101 for Startups
 
Role-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic ApproachRole-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rs
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliance
 
You and HIPAA - Get the Facts
You and HIPAA - Get the FactsYou and HIPAA - Get the Facts
You and HIPAA - Get the Facts
 
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
 
Hipaa checklist for healthcare software
Hipaa checklist for healthcare softwareHipaa checklist for healthcare software
Hipaa checklist for healthcare software
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafe
 
Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2
 
Hipaa for business associates simple
Hipaa for business associates simpleHipaa for business associates simple
Hipaa for business associates simple
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk Assessment
 
Hhs issues hipaa cyber attack response checklist
Hhs issues hipaa cyber attack response checklistHhs issues hipaa cyber attack response checklist
Hhs issues hipaa cyber attack response checklist
 
RiskWatch for HIPAA Compliance™
RiskWatch for HIPAA Compliance™RiskWatch for HIPAA Compliance™
RiskWatch for HIPAA Compliance™
 
HIPAA Security Audits in 2012-What to Expect. Are You Ready?
HIPAA Security Audits in 2012-What to Expect. Are You Ready?HIPAA Security Audits in 2012-What to Expect. Are You Ready?
HIPAA Security Audits in 2012-What to Expect. Are You Ready?
 
Protecting ePHI: What Providers and Business Associates Need to Know
Protecting ePHI: What Providers and Business Associates Need to KnowProtecting ePHI: What Providers and Business Associates Need to Know
Protecting ePHI: What Providers and Business Associates Need to Know
 
HIPAA Security 2019
HIPAA Security 2019HIPAA Security 2019
HIPAA Security 2019
 
HIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesHIPAA Compliance For Small Practices
HIPAA Compliance For Small Practices
 
Cyberinsurance 111006
Cyberinsurance 111006Cyberinsurance 111006
Cyberinsurance 111006
 

En vedette

Discharging federal taxes in bankruptcy presentation
Discharging federal taxes in bankruptcy presentationDischarging federal taxes in bankruptcy presentation
Discharging federal taxes in bankruptcy presentationgppcpa
 
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...Vall d'Hebron Institute of Research (VHIR)
 
Introduction to-chef
Introduction to-chefIntroduction to-chef
Introduction to-chefL Krids
 
Tax planning for the dentist in an era of uncertainty
Tax planning for the dentist in an era of uncertaintyTax planning for the dentist in an era of uncertainty
Tax planning for the dentist in an era of uncertaintygppcpa
 
Guide to Doing Business in Taiwan
Guide to Doing Business in TaiwanGuide to Doing Business in Taiwan
Guide to Doing Business in Taiwangppcpa
 
Tax planning for the dentist in an era of uncertainty
Tax planning for the dentist in an era of uncertaintyTax planning for the dentist in an era of uncertainty
Tax planning for the dentist in an era of uncertaintygppcpa
 
Us tax presentation
Us tax presentationUs tax presentation
Us tax presentationgppcpa
 
Irs collection appeal procedures & defense strategy
Irs collection appeal procedures & defense strategyIrs collection appeal procedures & defense strategy
Irs collection appeal procedures & defense strategygppcpa
 
Common practice problems and the state of the dentist
Common practice problems and the state of the dentistCommon practice problems and the state of the dentist
Common practice problems and the state of the dentistgppcpa
 
An Update on Economic and Manufacturing Trends in Asia
An Update on Economic and Manufacturing Trends in AsiaAn Update on Economic and Manufacturing Trends in Asia
An Update on Economic and Manufacturing Trends in Asiagppcpa
 
Finding the Hidden Profit Potentials in your Dental Practice
Finding the Hidden Profit Potentials in your Dental PracticeFinding the Hidden Profit Potentials in your Dental Practice
Finding the Hidden Profit Potentials in your Dental Practicegppcpa
 
Diagnóstico genético en enfermedades raras del metabolismo del hierro: Anemia...
Diagnóstico genético en enfermedades raras del metabolismo del hierro: Anemia...Diagnóstico genético en enfermedades raras del metabolismo del hierro: Anemia...
Diagnóstico genético en enfermedades raras del metabolismo del hierro: Anemia...Vall d'Hebron Institute of Research (VHIR)
 
Reporting Requirements for US Citizens with Foreign Assets
Reporting Requirements for US Citizens with Foreign AssetsReporting Requirements for US Citizens with Foreign Assets
Reporting Requirements for US Citizens with Foreign Assetsgppcpa
 
Guide to Doing Business in Taiwan
Guide to Doing Business in TaiwanGuide to Doing Business in Taiwan
Guide to Doing Business in Taiwangppcpa
 
Irs practice techniques and case studies
Irs practice techniques and case studiesIrs practice techniques and case studies
Irs practice techniques and case studiesgppcpa
 
Irs collection appeal procedures defense strategy
Irs collection appeal procedures defense strategyIrs collection appeal procedures defense strategy
Irs collection appeal procedures defense strategygppcpa
 
Compensation and Employment Tax Issues
Compensation and Employment Tax IssuesCompensation and Employment Tax Issues
Compensation and Employment Tax Issuesgppcpa
 

En vedette (20)

Discharging federal taxes in bankruptcy presentation
Discharging federal taxes in bankruptcy presentationDischarging federal taxes in bankruptcy presentation
Discharging federal taxes in bankruptcy presentation
 
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...
Estudi de la funció del coactivador transcripcional PGC-1β en el teixit adipó...
 
Introduction to-chef
Introduction to-chefIntroduction to-chef
Introduction to-chef
 
Tax planning for the dentist in an era of uncertainty
Tax planning for the dentist in an era of uncertaintyTax planning for the dentist in an era of uncertainty
Tax planning for the dentist in an era of uncertainty
 
Watch this
Watch thisWatch this
Watch this
 
Presentation4
Presentation4Presentation4
Presentation4
 
Guide to Doing Business in Taiwan
Guide to Doing Business in TaiwanGuide to Doing Business in Taiwan
Guide to Doing Business in Taiwan
 
Tax planning for the dentist in an era of uncertainty
Tax planning for the dentist in an era of uncertaintyTax planning for the dentist in an era of uncertainty
Tax planning for the dentist in an era of uncertainty
 
Us tax presentation
Us tax presentationUs tax presentation
Us tax presentation
 
Irs collection appeal procedures & defense strategy
Irs collection appeal procedures & defense strategyIrs collection appeal procedures & defense strategy
Irs collection appeal procedures & defense strategy
 
Multi-stage, multimodal Approaches for regenerative stroke therapies
Multi-stage, multimodal Approaches for regenerative stroke therapiesMulti-stage, multimodal Approaches for regenerative stroke therapies
Multi-stage, multimodal Approaches for regenerative stroke therapies
 
Common practice problems and the state of the dentist
Common practice problems and the state of the dentistCommon practice problems and the state of the dentist
Common practice problems and the state of the dentist
 
An Update on Economic and Manufacturing Trends in Asia
An Update on Economic and Manufacturing Trends in AsiaAn Update on Economic and Manufacturing Trends in Asia
An Update on Economic and Manufacturing Trends in Asia
 
Finding the Hidden Profit Potentials in your Dental Practice
Finding the Hidden Profit Potentials in your Dental PracticeFinding the Hidden Profit Potentials in your Dental Practice
Finding the Hidden Profit Potentials in your Dental Practice
 
Diagnóstico genético en enfermedades raras del metabolismo del hierro: Anemia...
Diagnóstico genético en enfermedades raras del metabolismo del hierro: Anemia...Diagnóstico genético en enfermedades raras del metabolismo del hierro: Anemia...
Diagnóstico genético en enfermedades raras del metabolismo del hierro: Anemia...
 
Reporting Requirements for US Citizens with Foreign Assets
Reporting Requirements for US Citizens with Foreign AssetsReporting Requirements for US Citizens with Foreign Assets
Reporting Requirements for US Citizens with Foreign Assets
 
Guide to Doing Business in Taiwan
Guide to Doing Business in TaiwanGuide to Doing Business in Taiwan
Guide to Doing Business in Taiwan
 
Irs practice techniques and case studies
Irs practice techniques and case studiesIrs practice techniques and case studies
Irs practice techniques and case studies
 
Irs collection appeal procedures defense strategy
Irs collection appeal procedures defense strategyIrs collection appeal procedures defense strategy
Irs collection appeal procedures defense strategy
 
Compensation and Employment Tax Issues
Compensation and Employment Tax IssuesCompensation and Employment Tax Issues
Compensation and Employment Tax Issues
 

Similaire à Dental Compliance for Dentists and Business Associates

how to really implement hipaa presentation
how to really implement hipaa presentationhow to really implement hipaa presentation
how to really implement hipaa presentationProvider Resources Group
 
HxRefactored - TrueVault - Jason Wang
HxRefactored - TrueVault - Jason WangHxRefactored - TrueVault - Jason Wang
HxRefactored - TrueVault - Jason WangHxRefactored
 
Explaining the HIPAA Privacy[.docx
Explaining the HIPAA Privacy[.docxExplaining the HIPAA Privacy[.docx
Explaining the HIPAA Privacy[.docxVistaInfosec
 
Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017Kimberly Simon MBA
 
An Overview of HIPAA Laws and Regulations.pdf
An Overview of HIPAA Laws and Regulations.pdfAn Overview of HIPAA Laws and Regulations.pdf
An Overview of HIPAA Laws and Regulations.pdfSeasiaInfotech2
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesCMDLMS
 
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdfHIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdfSuccessiveDigital
 
HealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUSTHealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUSTKimberly Simon MBA
 
HealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUSTHealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUSTKimberly Simon MBA
 
Healthcare Compliance: HIPAA and HITRUST
Healthcare Compliance: HIPAA and HITRUSTHealthcare Compliance: HIPAA and HITRUST
Healthcare Compliance: HIPAA and HITRUSTControlCase
 
An Overview of the Major Compliance Requirements
An Overview of the Major Compliance RequirementsAn Overview of the Major Compliance Requirements
An Overview of the Major Compliance RequirementsDoubleHorn
 
What is HIPAA Compliance?
What is HIPAA Compliance?What is HIPAA Compliance?
What is HIPAA Compliance?Power Admin LLC
 
HIPAA eBOOK: Avoid Common HIPAA Violations
HIPAA eBOOK: Avoid Common HIPAA Violations HIPAA eBOOK: Avoid Common HIPAA Violations
HIPAA eBOOK: Avoid Common HIPAA Violations OnRamp
 
hitech act
hitech acthitech act
hitech actpadler01
 
HIPAA Compliance Testing In Software Applications.pdf
HIPAA Compliance Testing In Software Applications.pdfHIPAA Compliance Testing In Software Applications.pdf
HIPAA Compliance Testing In Software Applications.pdfZoe Gilbert
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rssupportc2go
 

Similaire à Dental Compliance for Dentists and Business Associates (20)

how to really implement hipaa presentation
how to really implement hipaa presentationhow to really implement hipaa presentation
how to really implement hipaa presentation
 
HxRefactored - TrueVault - Jason Wang
HxRefactored - TrueVault - Jason WangHxRefactored - TrueVault - Jason Wang
HxRefactored - TrueVault - Jason Wang
 
Explaining the HIPAA Privacy[.docx
Explaining the HIPAA Privacy[.docxExplaining the HIPAA Privacy[.docx
Explaining the HIPAA Privacy[.docx
 
Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017
 
An Overview of HIPAA Laws and Regulations.pdf
An Overview of HIPAA Laws and Regulations.pdfAn Overview of HIPAA Laws and Regulations.pdf
An Overview of HIPAA Laws and Regulations.pdf
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slides
 
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdfHIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
 
HealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUSTHealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUST
 
HealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUSTHealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUST
 
Healthcare Compliance: HIPAA and HITRUST
Healthcare Compliance: HIPAA and HITRUSTHealthcare Compliance: HIPAA and HITRUST
Healthcare Compliance: HIPAA and HITRUST
 
An Overview of the Major Compliance Requirements
An Overview of the Major Compliance RequirementsAn Overview of the Major Compliance Requirements
An Overview of the Major Compliance Requirements
 
What is HIPAA Compliance?
What is HIPAA Compliance?What is HIPAA Compliance?
What is HIPAA Compliance?
 
HIPAA eBOOK: Avoid Common HIPAA Violations
HIPAA eBOOK: Avoid Common HIPAA Violations HIPAA eBOOK: Avoid Common HIPAA Violations
HIPAA eBOOK: Avoid Common HIPAA Violations
 
hitech act
hitech acthitech act
hitech act
 
HIPAA Compliance Testing In Software Applications.pdf
HIPAA Compliance Testing In Software Applications.pdfHIPAA Compliance Testing In Software Applications.pdf
HIPAA Compliance Testing In Software Applications.pdf
 
HIPAA AND IT AUDITS.pdf
HIPAA AND IT AUDITS.pdfHIPAA AND IT AUDITS.pdf
HIPAA AND IT AUDITS.pdf
 
Scary acronyms
Scary acronymsScary acronyms
Scary acronyms
 
HIPAA
HIPAAHIPAA
HIPAA
 
Confidentiality, HIPAA and HITECH
Confidentiality, HIPAA and HITECHConfidentiality, HIPAA and HITECH
Confidentiality, HIPAA and HITECH
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rs
 

Plus de gppcpa

The Hazards of Unpaid Payroll Taxes
The Hazards of Unpaid Payroll TaxesThe Hazards of Unpaid Payroll Taxes
The Hazards of Unpaid Payroll Taxesgppcpa
 
CFO Half-Day Conference
CFO Half-Day ConferenceCFO Half-Day Conference
CFO Half-Day Conferencegppcpa
 
Blockchain and Cybersecurity
Blockchain and Cybersecurity Blockchain and Cybersecurity
Blockchain and Cybersecurity gppcpa
 
Surviving a Refundable Credit Due Diligence Audit
Surviving a Refundable Credit Due Diligence AuditSurviving a Refundable Credit Due Diligence Audit
Surviving a Refundable Credit Due Diligence Auditgppcpa
 
Build Homes, Not Your Tax Bills: How the new tax law impacts home builders
Build Homes, Not Your Tax Bills: How the new tax law impacts home buildersBuild Homes, Not Your Tax Bills: How the new tax law impacts home builders
Build Homes, Not Your Tax Bills: How the new tax law impacts home buildersgppcpa
 
The IRS Passport Revocation For Unpaid Taxes: A Primer
The IRS Passport Revocation For Unpaid Taxes: A PrimerThe IRS Passport Revocation For Unpaid Taxes: A Primer
The IRS Passport Revocation For Unpaid Taxes: A Primergppcpa
 
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...gppcpa
 
Tax Reform Update for Businesses and Individuals
Tax Reform Update for Businesses and IndividualsTax Reform Update for Businesses and Individuals
Tax Reform Update for Businesses and Individualsgppcpa
 
The New Tax Law: Here's What You Should Know
The New Tax Law: Here's What You Should KnowThe New Tax Law: Here's What You Should Know
The New Tax Law: Here's What You Should Knowgppcpa
 
International Tax Reform - Tax Cuts and Jobs Act of 2017
International Tax Reform - Tax Cuts and Jobs Act of 2017International Tax Reform - Tax Cuts and Jobs Act of 2017
International Tax Reform - Tax Cuts and Jobs Act of 2017gppcpa
 
Financial Strategies for 2018 for Foreign Investors
Financial Strategies for 2018 for Foreign InvestorsFinancial Strategies for 2018 for Foreign Investors
Financial Strategies for 2018 for Foreign Investorsgppcpa
 
Alternatives to IRS Enforced Collections - Installment Agreements and Account...
Alternatives to IRS Enforced Collections - Installment Agreements and Account...Alternatives to IRS Enforced Collections - Installment Agreements and Account...
Alternatives to IRS Enforced Collections - Installment Agreements and Account...gppcpa
 
What Every Business Owner Needs to Know About Selling a Business
What Every Business Owner Needs to Know About Selling a BusinessWhat Every Business Owner Needs to Know About Selling a Business
What Every Business Owner Needs to Know About Selling a Businessgppcpa
 
A Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOsA Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOsgppcpa
 
Occupational Fraud and Electronic Evidence Investigations
Occupational Fraud and Electronic Evidence InvestigationsOccupational Fraud and Electronic Evidence Investigations
Occupational Fraud and Electronic Evidence Investigationsgppcpa
 
Subchapter S Corporations & Estates Trusts as Shareholders
Subchapter S Corporations & Estates Trusts as Shareholders Subchapter S Corporations & Estates Trusts as Shareholders
Subchapter S Corporations & Estates Trusts as Shareholders gppcpa
 
Occupational Fraud - What Dentists Need to Know
Occupational Fraud - What Dentists Need to KnowOccupational Fraud - What Dentists Need to Know
Occupational Fraud - What Dentists Need to Knowgppcpa
 
Are your medical office practices putting you at risk for a lawsuit?
Are your medical office practices putting you at risk for a lawsuit?Are your medical office practices putting you at risk for a lawsuit?
Are your medical office practices putting you at risk for a lawsuit?gppcpa
 
Divorce & Estates: Tax and Other Financial Considerations
Divorce & Estates: Tax and Other Financial ConsiderationsDivorce & Estates: Tax and Other Financial Considerations
Divorce & Estates: Tax and Other Financial Considerationsgppcpa
 
Embezzlement: What Dentists Need to Know
Embezzlement: What Dentists Need to KnowEmbezzlement: What Dentists Need to Know
Embezzlement: What Dentists Need to Knowgppcpa
 

Plus de gppcpa (20)

The Hazards of Unpaid Payroll Taxes
The Hazards of Unpaid Payroll TaxesThe Hazards of Unpaid Payroll Taxes
The Hazards of Unpaid Payroll Taxes
 
CFO Half-Day Conference
CFO Half-Day ConferenceCFO Half-Day Conference
CFO Half-Day Conference
 
Blockchain and Cybersecurity
Blockchain and Cybersecurity Blockchain and Cybersecurity
Blockchain and Cybersecurity
 
Surviving a Refundable Credit Due Diligence Audit
Surviving a Refundable Credit Due Diligence AuditSurviving a Refundable Credit Due Diligence Audit
Surviving a Refundable Credit Due Diligence Audit
 
Build Homes, Not Your Tax Bills: How the new tax law impacts home builders
Build Homes, Not Your Tax Bills: How the new tax law impacts home buildersBuild Homes, Not Your Tax Bills: How the new tax law impacts home builders
Build Homes, Not Your Tax Bills: How the new tax law impacts home builders
 
The IRS Passport Revocation For Unpaid Taxes: A Primer
The IRS Passport Revocation For Unpaid Taxes: A PrimerThe IRS Passport Revocation For Unpaid Taxes: A Primer
The IRS Passport Revocation For Unpaid Taxes: A Primer
 
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...
The Impact of the Tax Cuts & Jobs Act on High Tax Bracket Individuals - Show ...
 
Tax Reform Update for Businesses and Individuals
Tax Reform Update for Businesses and IndividualsTax Reform Update for Businesses and Individuals
Tax Reform Update for Businesses and Individuals
 
The New Tax Law: Here's What You Should Know
The New Tax Law: Here's What You Should KnowThe New Tax Law: Here's What You Should Know
The New Tax Law: Here's What You Should Know
 
International Tax Reform - Tax Cuts and Jobs Act of 2017
International Tax Reform - Tax Cuts and Jobs Act of 2017International Tax Reform - Tax Cuts and Jobs Act of 2017
International Tax Reform - Tax Cuts and Jobs Act of 2017
 
Financial Strategies for 2018 for Foreign Investors
Financial Strategies for 2018 for Foreign InvestorsFinancial Strategies for 2018 for Foreign Investors
Financial Strategies for 2018 for Foreign Investors
 
Alternatives to IRS Enforced Collections - Installment Agreements and Account...
Alternatives to IRS Enforced Collections - Installment Agreements and Account...Alternatives to IRS Enforced Collections - Installment Agreements and Account...
Alternatives to IRS Enforced Collections - Installment Agreements and Account...
 
What Every Business Owner Needs to Know About Selling a Business
What Every Business Owner Needs to Know About Selling a BusinessWhat Every Business Owner Needs to Know About Selling a Business
What Every Business Owner Needs to Know About Selling a Business
 
A Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOsA Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOs
 
Occupational Fraud and Electronic Evidence Investigations
Occupational Fraud and Electronic Evidence InvestigationsOccupational Fraud and Electronic Evidence Investigations
Occupational Fraud and Electronic Evidence Investigations
 
Subchapter S Corporations & Estates Trusts as Shareholders
Subchapter S Corporations & Estates Trusts as Shareholders Subchapter S Corporations & Estates Trusts as Shareholders
Subchapter S Corporations & Estates Trusts as Shareholders
 
Occupational Fraud - What Dentists Need to Know
Occupational Fraud - What Dentists Need to KnowOccupational Fraud - What Dentists Need to Know
Occupational Fraud - What Dentists Need to Know
 
Are your medical office practices putting you at risk for a lawsuit?
Are your medical office practices putting you at risk for a lawsuit?Are your medical office practices putting you at risk for a lawsuit?
Are your medical office practices putting you at risk for a lawsuit?
 
Divorce & Estates: Tax and Other Financial Considerations
Divorce & Estates: Tax and Other Financial ConsiderationsDivorce & Estates: Tax and Other Financial Considerations
Divorce & Estates: Tax and Other Financial Considerations
 
Embezzlement: What Dentists Need to Know
Embezzlement: What Dentists Need to KnowEmbezzlement: What Dentists Need to Know
Embezzlement: What Dentists Need to Know
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 

Dental Compliance for Dentists and Business Associates

  • 1. For Free compliance tips join our list! www.DentalCompliance.com
  • 2. Neither of these guys are licensed peace officers, attorneys, or dentists…. they‟re not very funny either!
  • 3. After completing this presentation participants should be able to: Define Covered Entity, Protected Health Information and Business Associates Identify major legislation regarding patient privacy laws in Texas Explain why protecting Protected Health Information is important and consequences for non-compliance with state and federal laws Sketch out a plan to achieve compliance for their organizations
  • 4.
  • 5. HIPAA Privacy HIPAA Security HB 300 (Texas Medical Privacy Act) HITECH
  • 6. Took effect on April 1st, 2003 First major regulation in recent years to control fraud, waste and abuse of government programs Mandated mechanisms for exchange of information between healthcare clearinghouses, health plans and providers.
  • 7. Took effect in 2009 Provided Federal money for providers to help incorporate EHR into health care practices Recognized the majority of data breaches was by Business Associates and there were (previously) no accountability to enforce HIPAA provisions over unlicensed BA‟s
  • 8. Took effect on 09/01/2012 Re-defined “Protected Health Information” Expanded definition of “Covered Entity” to include entities that come into possession of, obtain, assemble, collect, analyze, evaluate, store or transmit PHI.
  • 9. Expanded privacy and security mandates on covered entities such as: Employee training (within 60 days of hire and every 2 years) Patient access to electronic health records (EHRs) (15 days) Identifies state agencies that regulate covered entities and the agency‟s compliance enforcement process (Office of Attorney General for non-licensed C.E.‟s)
  • 10. Consumer Information Website Prohibits sale or disclosure of PHI Consumer Notice and Authorization Required for Electronic Disclosure of PHI Fines and penalties include civil and criminal remedies for non- compliance
  • 11. American Recovery and Reinvestment Act of 2009 (ARRA) became federal law on February 12, 2009. HITECH is part of that law. The goal of HITECH is to enhance and expand the HIPAA Privacy Rule and Security Rules. The HITECH Act not only makes privacy regulations more strict, but it also gives more power to federal and state authorities to enforce privacy and security protections for resident information and data.
  • 12. It increases HIPAA‟s patient rights regarding control over their PHI (medical information) It limits the use of PHI for marketing purposes It mandates breach (unauthorized access or loss of PHI) notification It also extends a lot of the same requirements to those business associates outside of our company to whom we give PHI so they can do their jobs.
  • 13. Published January 25th, 2013 Expands the definition of Business Associates - now include entities that “maintain” PHI, in addition to those that create, receive, or transmit PHI for a function or activity such as claims processing or administration, data analysis, utilization review, quality assurance, patient safety activities, billing, benefit management, practice management, and re-pricing. The definition extends fully to subcontractors of BAs who perform these functions.
  • 14. Solidifies that BAs are directly liable for compliance with HIPAA. Under the new rules, BAs are statutorily liable for violations of the HIPAA security rules. They are also subject to the same HIPAA privacy restrictions as covered entities. This includes requirements that BAs create and implement HIPAA privacy and security policies and procedures in relation to the handling of PHI of a covered entity. BAs may be subject to compliance reviews by the federal Department of Health and Human Services (HHS).
  • 15. Require BAs to report to the covered entities breaches of unsecured PHI. Breach is the unauthorized access of PHI by unintended or unauthorized persons or entities.
  • 16.
  • 17. As per HB 300 and HITECH Final Rule: Basically, all persons or entities who receive, possess, or generate protected health information (PHI) or who store and „could potentially‟ access PHI
  • 18. Individually Identifiable Health Information (including demographic data, that relates to: The individual‟s past, present or future physical or mental health or condition; The provision of health care to the individual, or The past, present, or future payment for the provision of health care to the individual
  • 19. EXAMPLES: Names, Addresses, Date and place of birth, Race, Marital Status, Phone numbers, Fax numbers, Email addresses, Social Security numbers, Medical record numbers, Health insurance beneficiary numbers, Account numbers, Certificate/license numbers, Vehicle identifiers and serial numbers, including license plate numbers, Device identifiers and serial numbers, Web URLs, IP address numbers, Biometric identifiers (including finger, retinal and voice prints), Full face photographic images and any comparable images
  • 20.
  • 21. Required (R) means that complying with the given standard is mandatory and, therefore, must be complied with. Addressable (A) means that the given standards must be implemented by the organization unless assessments and in depth risk analysis conclude that implementation is not reasonable and appropriate specific to a given business setting. Important Note: Addressable does not mean optional.
  • 22.
  • 23. Safeguard documents and communications involving PHI (oral, written and otherwise) Shred or definitively destroy documents that are no longer needed Notify Covered Entities if any information has been breached Have written policies and procedures to account for this information See HIPAA Privacy summary for additional
  • 24.
  • 25. Risk Analysis: (R) Perform and document a risk analysis to see where PHI is being used and stored and to determine what all possible ways HIPAA could be violated are Risk Management: (R) Implement measures sufficient to reduce these risks to an appropriate level. Sanction Policy: (R) Implement sanction policies for employees who fail to comply. Information Systems Activity Reviews: (R) Regularly review system activity, logs, audit trails, etc. Officers: (R) Designate HIPAA Security and Privacy Officers
  • 26. Employee Oversight: (A) Implement procedures to authorize and supervise employees who work with PHI, and for granting and removing PHI access to employees. Ensure that an employee‟s access to PHI ends with termination of employment. Multiple Organizations: (R) Ensure that PHI is not accessed by parent or partner organizations or subcontractors that are not authorized for access. ePHI Access: (A) Implement procedures for granting access to ePHI and which document access to ePHI or to services and systems which grant access to ePHI. Security Reminders: (A) Periodically send updates and reminders of security and privacy policies to employees.
  • 27. Protection against Malware: (A) Have procedures for guarding against, detecting, and reporting malicious software. Login Monitoring: (A) Institute monitoring of logins to systems and reporting of discrepancies. Password Management: (A) Ensure there are procedures for creating, changing, and protecting passwords. Response and Reporting: (R) Identify, document, and respond to security incidents. Contingency Plans: (R) Ensure there are accessible backups of ePHI and that there are procedures for restore any lost data.
  • 28. Contingency Plans Updates and Analysis: (A) Have procedures for periodic testing and revision of contingency plans. Assess the relative criticality of specific applications and data in support of other contingency plan components. Emergency Mode: (R) Establish (and implement as needed) procedures to enable continuation of critical business processes for protection of the security of electronic protected health information while operating in emergency mode. Evaluations: (R) Perform periodic evaluations to see if any changes in your business or the law require changes to your HIPAA compliance procedures. Business Associate Agreements: (R) Have contracts with business partners who will have access to your PHI to ensure that they will be compliant.
  • 29. Contingency Operations: (A) Establish (and implement as needed) procedures that allow facility access in support of restoration of lost data under the disaster recovery plan and emergency mode operations plan in the event of an emergency. Facility Security: (A) Implement policies and procedures to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft. Access Control and Validation: (A) Implement procedures to control and validate a person‟s access to facilities based on their role or function, including visitor control, and control of access to software programs for testing and revision. Maintenance Records: (A) Implement policies and procedures to document repairs and modifications to the physical components of a facility which are related to security
  • 30. Workstations: (R) Implement policies governing what software can/must be run and how it should be configured on systems that provide access ePHI. Safeguard all workstations providing access to ePHI and restrict access to authorized users. Devices and Media Disposal and Re-use: (R) Create procedures for the secure final disposal of media that contain ePHI and for the reuse of devices and media that could have been used for ePHI. Media Movement: (A) Record movements of hardware and media associated with ePHI storage. Create a retrievable, exact copy of electronic protected health information, when needed, before movement of equipment.
  • 31. Unique User Identification: (R) Assign a unique name and/or number for identifying and tracking user identity. Emergency Access: (R) Establish (and implement as needed) procedures for obtaining necessary electronic protected health information during an emergency. Automatic Logoff: (A) Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity. Encryption and Decryption: (A) Implement a mechanism to encrypt and decrypt electronic protected health information when deemed appropriate.
  • 32. Audit Controls: (R) Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information. ePHI Integrity: (A) Implement policies and procedures to Protect electronic protected health information from improper alteration or destruction. Authentication: (R) Implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed. Transmission Security: (A) Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.
  • 33.
  • 34. Create, revise, and/or implement HIPAA policies and procedures. Diligently pursue HIPAA-compliant policies and procedures as they relate to HIPAA security and privacy requirements.
  • 35. Ensure you have Business Associate agreements on file with the Covered Entities whose patients’ PHI you have access to. Ensure you have BA agreements with covered entity clients, as well as with subcontractors to whom it delegates BA functions (consider relationships with lenders, transition specialists, practice management, attorneys, other vendors).
  • 36. For you and ALL employees or persons for whom you are responsible receive training as required: within 60 days of beginning new employment, and; every two years Training must include State and Federal requirements
  • 37. This presentation is NOT comprehensive and is only intended as a high-level overview of information relevant to Covered Entities and Business Associates. My team and I are happy to provide you with additional information or you can surf the Internet at: http://www.hhs.gov/ocr/privacy/hipaa/administrative/statute/index.html
  • 38. Duane Tinker traded his gun and badge for a clipboard and classroom to inform and teach Dental professionals how to stay off the radar and out of the news! As President & CEO of Dental Compliance Specialists, LLC -- a company specializing in Dental office regulatory compliance – he has taken his expertise as a former law enforcement officer responsible for investigating criminal and civil complaints against practices and now uses this knowledge to assist Dental professionals in avoiding these legal pitfalls. He is a much sought-after speaker and consultant and a member of the Speaking Consulting Network. In this pursuit, today his passion is all about helping beleaguered oral healthcare providers find justice!

Notes de l'éditeur

  1. For more information, contact Duane at Duane@DentalCompliance.com