HIPAApt2-PGM
0 likes139 views
This document outlines an upcoming training on HIPAA privacy rules held by the N.W. Louisiana AIDS Resource Center. The 1-hour training on July 3rd will cover administrative, physical, and technical safeguards required by the HIPAA Security Rule, as well as policies, procedures, penalties, and the burden of proof related to data breaches as defined in the HIPAA Breach Notification Rule. It will also discuss security incident response plans and the requirements of the Health Information Technology for Economic and Clinical Health Act.
HIPAApt2-PGM
- 1. N.W. Louisiana AIDS Resource Center 2020 Centenary Boulevard • Shreveport, LA 71104 Training Day “HIPAA Privacy Rules - Pt. 2” July 3, 2013_Wednesday The Philadelphia Center (318) 222-6633 Safeguards A. Security Rule- § 45 CFR Parts 160, 162, and 164 Total Hrs.: 1 Presenter: Kevin W. Jenkins 1. Administrative Safeguards • Data Backup Plan • Disaster Recovery Plan • Emergency Mode Operation Plan • Testing and Revision Procedures • Applications and Data Criticality Analysis b. Assigned Security Responsibility - § 164.308(a)(2) Breach Notification Rule A. Security Incident Procedures - § 164.308(a)(6) B. Enforcement Rule & Compliance 1. Policies & Procedures 2. Penalties & Liabilities • Burden of Proof • Individual Notice • Notify Federal Trade Commission • Notify the Secretary of Breaches • HITECH Act - § Section 13410(d) a. Security Management Process - § 164.308(a)(1) a. Response & Reporting - § 164.308(a)(6)(ii) 2. Contingency Plan - § 164.308(a)(7) c. Workforce Security - § 164.308(a)(3) d. Information Access Management - § 164.308(a)(4) e. Security Awareness and Training - § 164.308(a)(5) f. Business Associate Contracts - § 164.308(b)(1) The Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009, promotes the adoption and meaningful use of health information technology. *