Fremont, California
Upcoming Events in Fremont California
July
| 4 |
Risk Analysis: How to Do it Right under HIPAA and HITECH
- Overview: The Health Insurance Portability and Accountability Act of 1996 (HIPAA) sets many rules and regulations to help create guidelines for healthcare providers (covered entities) to protect the integrity of personal health information (PHI). The HIPPA Security Rule specifically requires conducting a security risk analysis per 45 CFR 164.308(a)(1). Part of the risk analysis includes implementing updates as necessary and correcting identified vulnerability (or documenting why they did not take action to address the vulnerability). Recently the healthcare industry has seen a renewed focus on having a risk assessment because the Omnibus Rule expanded the requirements of the Security Rule risk analysis to healthcare vendors that access personal health information (Business Associates). Additionally, many providers have a new interest to have a compliant risk assessment in order to achieve Meaningful Use and receive incentive funds. Many providers and vendors are under a false assumption that they have correctly conducted a risk assessment and are compliant with the regulations but that is not always the case. The industry has seen recent evidence that many organizations are not meeting the risk analysis requirements. Many organizations conduct their assessment, check it off their list and falsely assume they met the requirements. This is apparent through the recent random compliance audits spearheaded by the Centers for Medicare & Medicaid Services and the Office for Civil Rights (OCR). Furthermore, risk analysis deficiencies are commonly uncovered during security incidents and investigations. Many organizations are not thorough enough, do not have the proper documentation, did not take action to mitigate identified risks, or have not revisited a risk analysis after a significant change to their security program. In this hour-long session, IT security veteran Mac McMillan, CEO of CynergisTek and Chair of HIMSS Privacy and Security Policy Task Force, will review the risk analysis requirements for healthcare organizations and vendors and clarify some of the misconceptions that are common in the industry. McMillan will review the OCR approved NIST methodology and how it can be applied when conducting a risk assessment. This webinar is ideal for any organization that creates, receives, maintains or transmits PHI, as they are directly liable to meet the HIPAA Security Rule risk analysis requirements. Upon completion of this educational webinar, attendees will be much more knowledgeable on the subject and will be able to identify if their organization's risk assessment is in compliance. It will also provide an industry expert's guidance on conducting an assessment for organizations that need to assess their security program. Why should you attend: Does your risk assessment meet the requirements under Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Meaningful Use? Many organizations conduct a risk assessment and check it off their list. They assume their assessment was thorough enough and that it met regulatory requirements but that is often not the case. It is evident from the findings from security incidents and investigations, and the Office for Civil Rights (OCR) and the Centers for Medicare & Medicaid Services (CMS) random compliance audits that many organizations have an inefficient risk analysis process. These discrepancies and inefficiencies can lead to hefty financial penalties from OCR, as well as having to pay back Meaningful Use incentive dollars. Don't be one of the covered entities or business associates that falsely believe that a risk assessment is inapplicable to them. If you have a risk analysis process in place, don't be one of the organizations that is investigated or randomly audited and caught without a proper risk assessment that meets regulatory requirements. Learn how to verify if your process and methodology is sufficient by attending this webinar and better understand the requirements under the HIPAA Security Rule and Meaningful Use attestation requirements. Areas Covered in the Session: Risk analysis requirements under the HIPAA Security Rule and Meaningful Use Stage 1 and 2 Who is required to have a risk assessment The importance of risk analysis Addressable specifications Methodology when conducting a risk assessment The NIST Risk Analysis Documentation requirements Who Will Benefit: Director of IT IT Manager CIO CISO Security Officer Risk Analyst/IT Risk Analyst Compliance Officers, Compliance Specialists Mac McMillan is co-founder and CEO of CynergisTek, Inc., a firm specializing in the areas of information security and regulatory compliance in healthcare. He is the current Chair of the HIMSS Privacy & Security Policy Task Force and was recognized in 2012 as a HIMSS Fellow. Mr. McMillan brings over 30 years of combined intelligence, security countermeasures and consulting experience to his position from both Government and private sector positions. He has worked in the Healthcare industry since his retirement from the federal government in 2000 and has contributed regularly to organizations such as HIMSS, HCCA, AHIA, AHIMA, AAHSA, HFMA and AHLA and contributes regularly to the thought leadership around data security in healthcare. MentorHealth Roger Steven Phone No: 800-385-1607 FaX: 302-288-6884 webinars@mentorhealth.com Event Link: http://bit.ly/1n1D0Kz http://www.mentorhealth.com/ Address: Online Event , Fremont, California |
| 4 |
How to Decide which HIPAA Policies You Need to Adopt
- Overview: The webinar will explain the process for covered entities and business associates to use to decide which policies to draft, adopt, implement, and enforce to achieve HIPAA compliance and the process for deciding what should go into each policy. Writing a policy is easier than one may think. It is a three-step process: researching, drafting, and revising. This webinar will teach you to ask questions, solicit help, collect samples, keep the principles of substance, organization, coherence, style, and correctness in mind while you are drafting, send your draft out for review, incorporate comments, implement the policy, and repeat as necessary. The prospect of developing and writing perhaps as many as 70 policies to attain HIPAA compliance may still seem daunting, but this webinar will teach you how to make a checklist, take it step by step, and enlist the help of others when you need it. Part of that first step is figuring out which policies you may need and why. MentorHealth Roger Steven Phone No: 800-385-1607 FaX: 302-288-6884 webinars@mentorhealth.com Event Link: http://bit.ly/1gCDpFe http://www.mentorhealth.com/ Address: Online Training , Fremont, California |
| 18 |
Omnibus (Mega) Rule Changes to HIPAA & the HITECH Act and What They Mean to Covered Entities and Business Associates
- Overview: The Omnibus Rule finalizes the modifications to the HIPAA Privacy Rule, Security Rule, and enforcement rules to implement many of the privacy, security, and enforcement provisions of the HITECH Act and to make other changes to the Rules, modifies the breach notification rule, and finalizes the modifications to the HIPAA Privacy Rule to strengthen privacy protections for genetic information. Generally speaking, covered entities and business associates will have until September 23, 2013, to comply with these new provisions. This 60-minute webinar gives you an excellent overview of the new rule changes. Learn what actions to take now to achieve HIPAA compliance with the new Omnibus Rule, to pass an audit or an investigation, and to avoid civil money penalties and criminal convictions. Why should you attend: Have you read the 563-page Omnibus (Mega) Rule? No? Do you have any idea what you need to do now to comply with it? Do you know what could happen to you if you are not in compliance with HIPAA and the Omnibus Rule changes? (Hint: The answer could involve as much as millions of dollars and a free trip to Leavenworth.) Do you know about the changes in HIPAA enforcement that it requires? Can you explain the changes to the breach notification rule? Do you know whether you are responsible for the breaches involving protected health information (“PHI”) of your business associates or your downstream business associates? Do you have new and/or revised business associate agreements in place that reflect the Omnibus Rule changes? Do you know whether your marketing efforts comply with HIPAA and the new Omnibus Rule changes? Have you updated your Risk Analysis and developed and implemented a compliance plan based on that Risk Analysis to reflect the new Omnibus Rule changes? Could you and your organization pass an audit or an investigation right now, or at least by the compliance date of September 23, 2013, that included the Omnibus Rule changes? Areas Covered In the Session: Overview of the Omnibus (Mega) Rule changes Changes in HIPAA enforcement Changes to the breach notification rule Changes in the Business Associate relationship Changes in regards to marketing Compliance plan Who will benefit: HIPAA Compliance Officers HIPAA Security Officers HIPAA Privacy Officers CFOs, CEOs, COOs, CIOs Human Resources Directors Business Office Managers Administrators Medical Records Personnel Health Information Management Professionals Health Care Attorneys Patient Accounts Managers Billing Services Physicians, Dentists Jonathan P. Tomes , J.D., is a health care attorney and partner in the law firm of TOMES & DVORAK, CHARTERED. He has written more than 50 books, including The Compliance Guide to HIPAA and the DHHS Regulations, and dozens of articles in the area of HIPAA compliance. He has been an expert witness in litigation involving health information compliance issues and is the President of EMR Legal, Inc., a national HIPAA consulting firm. His knowledge of the law and of the practical aspects of setting up a security system provides a rare opportunity for compliance officers and medical records veterans and novices alike. Mr. Tomes has presented seminars nationally for 20 years. MentorHealth Roger Steven Phone No: 800-385-1607 FaX: 302-288-6884 webinars@mentorhealth.com Event Link: http://bit.ly/1joZt0U http://www.mentorhealth.com/ Address: Online Event , Fremont, California |
| 4 |
How to Develop an Effective Compliance Program
- Overview: Fraud, waste and abuse are spiraling out of control in the United States. The federal government is the biggest target for fraudsters because it spends hundreds of billions of dollars subsidizing federal programs. Medicare, the federal health insurance program for millions of Americans who are over age 65, disabled or have end stage renal disease, is the largest federal health care program. Because of rising health care costs and the proliferation of fraud, waste and abuse in the health care industry, the government continues to pass legislation and enforcement activities directed at the health care industry. The U.S. Department of Health and Human Services' (HHS) and the Office of Inspector General (OIG) believe that an effective compliance program can significantly reduce fraud, waste and abuse. In addition, prosecutors may not pursue a criminal action against organizations that have an effective compliance program. Consequently, implementing an effective compliance program could minimize the consequences resulting from a violation of the law. In fact, the U.S. Sentencing Commission Guidelines specifically mandate lesser criminal sanctions for companies that have effective compliance. Generally, the OIG will look to the effectiveness of the compliance program as a factor when determining the level of sanctions, penalties, and/or exclusions to be imposed on the provider. In addition to reducing the risk of criminal and civil liabilities and sanctions, compliance programs offer many other benefits. Primarily, a compliance program fulfills the provider's legal duty to ensure that it is not submitting false or inaccurate claims to government and private payors. Equally important, a compliance program helps a provider fulfill its care-giving mission to residents and patients and the community. It improves quality of care and operations because it assists the provider to identify weaknesses and to improve upon internal systems and business office management. Furthermore, an effective compliance plan and program concretely demonstrates to employees and the community at large the provider's strong commitment that it is honest and ethical in its corporate conduct. In addition, it helps provide a more accurate view of employee and contractor behavior relating to fraud and abuse. A compliance program reduces the likelihood of wrongdoing, aids in the early detection of issues, and establishes a structure for internal reporting and investigation. In addition, it helps prevent criminal activity and illustrates a lack of intent to perform unlawful acts; thus, in cases where the government uncovers fraud, it shows that reasonable efforts have been made by management to prevent and detect any misconduct that occurs within the entity. By initiating immediate and appropriate corrective action; and through early detection and reporting, you can minimize the loss to the government from false claims, and thereby reduce your exposure to civil damages and penalties, criminal sanctions, and administrative remedies, such as program exclusion. Why should you attend: SNFs face complex challenges that require new and coordinated approaches by the quality, compliance and risk management teams. A survey finding of immediate jeopardy could be followed by a wrongful death lawsuit, attorney general investigation, professional licensure actions, 'qui tam' civil lawsuit or criminal enforcement action. SNF leadership won't want to miss this insightful presentation that will review the key strategies and tactics necessary to evaluate and update current program efforts to maximize outcomes, while minimizing the typical program 'gaps' that leave SNFs vulnerable to the 'perfect storm' that churns up complex issues tied to quality, compliance and risk management. Areas Covered in the Session: Review ACA requirements for nursing facility compliance programs Discuss what the requirements mean for nursing facilities Learn proactive compliance measures to take to ensure your facility is meeting compliance program expectations Learn the seven required elements of a Medicare Compliance Program Who Will Benefit: Healthcare Executives and Managers Physician Executives and Leaders Physicians Nurses Healthcare Personnel Employers Background : Under the Affordable Care Act (the"Ac"), skilled nursing facilities and nursing facilities participating in Medicare and Medicaid programs must implement an effective compliance and ethics program by March 23, 2013. Fortunately, enforcement was delayed until later in the year, so there is still time. Failure to implement these core compliance program features will create additional opportunities for regulatory and law enforcement scrutiny, as well as potential False Claims Act liability for failure to prevent or identify improper federal healthcare program claims and payments. The existence or lack of robust provider compliance program controls, when paired with the stronger sanctions and expanded application of the federal False Claims Act, Civil Monetary Penalties Law, and Anti-Kickback Law will be subject to enhanced focus in fraud and abuse inquiries and prosecutions. Dr. Freville is an independent consultant who advises healthcare clients regarding many regulatory issues including but not limited to compliance and HIPAA/HITECH program effectiveness. She establishes compliance department operations to include planning, designing, and implementing system-wide Corporate Compliance and HIPAA/HITECH Programs. She writes Codes of Ethical Conduct and compliance policies and procedures for providers. MentorHealth Roger Steven Phone No: 800-385-1607 FaX: 302-288-6884 webinars@mentorhealth.com Event Link: http://bit.ly/1mJ5076 http://www.mentorhealth.com/ Address: Online Event , Fremont, California |
| 8 - 12 |
Fremont Camps & Clinics
- World Cup Soccer Camps and Clinics is conducting soccer camps for children at numerous locations in the entire San Francisco Bay Area including Fremont, Burlingame and more around 30 cities. Address: 4760 Thornton Ave, , Fremont, California |
| 11 |
Texting and E-mail With Patients Under HIPAA
- Overview: This session will focus on the rights of individuals to communicate in the manner they desire, and how a medical office can decide what is an acceptable process for communications with individuals. The session will explain how to discuss communications options with individuals so that you can best meet their needs and desires, while preserving their rights under the rules. With the new HIPAA random audit program now getting under way, and increases in enforcement actions following breaches, now is the time to ensure your organization is in compliance with the regulations and meeting the e-mail and texting communication needs and desires of its providers and patients. You need the proper privacy protections for health information, and the necessary documented policies and procedures, as well as documentation of any actions taken pursuant to your policies and procedures. Your policies and procedures will probably need major revisions to maintain compliance in areas such as individual access of records, accounting of disclosures, and breach notification. And, of course, you will need to train your staff in all the new policies and procedures. E-mail has long been a staple of people's lives, but as we move into the new digital age, it seems everyone is moving to a new smart phone and wants to use it in all the incredible ways it can be used for health care purposes, including the use of e-mail and texting. Doctors are finding that texting is far more flexible, convenient, and effective than paging, and patients want to be able to use short message texting for handling of appointments, updates, and the like, where even e-mail or the telephone would seem inconvenient. In order to integrate the use of e-mail and texting into patient communications, it is essential to perform the proper steps in an information security compliance process to evaluate and address the risks of using the technology. This session will describe the information security compliance process, how it works, and how it can help you decide how to integrate e-mail and texting into your organization in a compliant way. The process, including the use of information security risk analysis, will be explained, and the policies needed to support the process will be described. But the process must also include consideration of various patient access requirements in the HIPAA Privacy Rule. There are new requirements to provide patients electronic access of electronically held PHI which raise new questions of how that access will be provided and how the information will be protected during and after access. And there has long been a HIPAA requirement for covered entities to do their best to meet the requests of their patients for particular modes of communication, and using e-mail or texting is no exception. The stakes are high - any improper exposure of PHI may result in an official breach that must be reported to the individual and to the US Department of Health and Human Services, at great cost and with the potential to bring fines and other enforcement actions if a violation of rules is involved. Likewise, complaints by a patient if they are not afforded the access they desire can bring about HHS inquiries and enforcement actions, so it is essential to find the right balance of access and control. HHS compliance audit activity and enforcement penalties are both increased, especially in instances of willful neglect of compliance, if, for instance, your organization hasn't adopted the complete suite of policies and procedures needed for compliance, or hasn’t adequately considered the impact of e-mail or texting on your compliance. The session will discuss the requirements, the risks, and the issues of the increasing use of e-mail and texting for patient and provider communications and provide a road map for how to use them safely and effectively, to increase the quality of health care and patient satisfaction. In addition, the session will discuss how to be prepared for the eventuality that there is a breach, so that compliance can be assured. Why should you attend: The HIPAA Omnibus Update rules contain numerous changes to HIPAA Privacy, Security, and Breach Notification rules that affect communication with patients and clients of health care services, who often ask to communicate with health care offices via e-mail or text message. Many of the policies and procedures in place at every health care-related organization will need to be reviewed and updated to meet the new requirements. Organizations need to understand the various ways that health care communications can take place, and how patient communications fit in with the HIPAA rules. They need to design and implement a patient communication policy and plan, and train their staff on it, or they may face significant new fines for noncompliance. E-mail and texting present new challenges to health care providers, as there are simultaneously new requirements to share information with patients, and a new enforcement effort to ensure the privacy and security of Protected Health Information (PHI). Meeting both challenges requires careful consideration of all the regulations and technologies, as well as patient preferences and work flow. Most HIPAA covered entities now face difficult choices between compliance and ease of communication. Most organizations haven’t updated their information security risk analysis or policies and procedures and run the risk of breaches, rule violations, and fines in the event of mishandling of PHI using these new technologies. Areas Covered in the Session: Find out the ways that patients want to use their e-mail and texting to communicate with providers, and the ways providers want to use e-mail and texting to enable better patient care Learn what are the risks of using e-mail and texting, what can go wrong, and what can result when it does Find out about HIPAA requirements for access and patient preferences, as well as the requirements to protect PHI Learn how to use an information security management process to evaluate risks and make decisions about how best to protect PHI and meet patient needs and desires Find out what policies and procedures you should have in place for dealing with e-mail and texting, as well as any new technology Learn about the training and education that must take place to ensure your staff uses e-mail and texting properly and does not risk exposure of PHI Find out the steps that must be followed in the event of a breach of PHI Learn about how the HIPAA audit and enforcement activities are now being increased and what you need to do to survive a HIPAA audit Who Will Benefit: Compliance Director CEO CFO Privacy Officer Security Officer Information Systems Manager HIPAA Officer Chief Information Officer Health Information Manager Healthcare Counsel/lawyer Office Manager Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. MentorHealth Roger Steven Phone No: 800-385-1607 FaX: 302-288-6884 webinars@mentorhealth.com Event Link: http://bit.ly/1kaP5df http://www.mentorhealth.com/ Address: Online Event , Fremont, California |
| 16 |
How to Ensure a Successful Health Care Systems Implementation
- 33 Overview: The presentation takes the participant through the steps needed to ensure a successful health care computer system implementation. Once presented the participant will see the logic of the tools and processes and be able to apply them to their system implementation. The tools and processes presented in this material have been developed by implementing health care systems for over 40 years and seeing what has worked and WHY it has worked. These tools and processes have been equally and successfully applied to the implementation of large, complex systems and smaller, simpler systems for large, multidepartment organizations and for small health care organizations. The process focuses on establishing the project's implementation expectations, identifying meaningful metrics for success, establishing project plans, assigning individual accountabilities and responsibilities, establishing and executing project tasks, monitoring project progress and validating project success. To establish viable project expectations, the presentation addresses the need for bringing all of the stakeholders (organization owners, providers and management, operations staff, IT staff and the vendor) into establishing common and realizable expectations. These are reviewed in context of the organization's current environment and its short and long term goals and are considered as a critical part of the implementation completion process. In the case of turning around an already troubled or failed system implementation, the process emphasizes the tasks of reassessing the project stakeholder expectations - why they decided the system would help the organization and what they expected to get from the system. Next the process shows the participant how to convert these expectations to realistic and measurable project success metrics. The process focuses on learning how to separate "so what" metrics from meaningful and measurable metrics. In addition, the process provides direction regarding how to establish tools and processes to capture and report the metrics so that ALL stakeholders can monitor the progress of the health care system implementation. Problems arise in every project. Whether they be in difficulties in the system performing as expected, or conflicts in management, provider staff, the internal IT team and/or the vendor ability to complete their tasks. This can because of not having time to devote to the system implementation, the demands of daily responsibilities, the lack of training or skill sets needed for the implementation or conflicts in resource allocation. The presentation takes the participant through the steps needed to remediate these problems and maintain the continuity of the implementation process. All projects require a plan. The presentation describes the role of the implementation planning process and how to prepare the plan. The presentation emphasizes that the project plan is an ever changing document and that the purpose of the project is not to develop and manage the plan, but to use the plan as a tool for successfully completing the implementation and realizing the desired benefits. And the presentation takes the participant through the steps needed to monitor the progress of the project and how respond when the project goes off plan. The presentation addresses how to address deviations in the implementation plan and how to respond with actions in getting the project back on track. Why should you attend: Everyone has heard the horror stories of computer system implementations that have gone wrong. The goal is to learn from the mistakes made by those health care organizations and to take advantage of the processes that avoid those problems and repeatedly lead to successful implementations. Large and small health care organizations invest considerable time, effort and money in considering the potential benefits of a new system and selecting the "right" system. The decision is important. And the proper execution of the implementation is critical. An effectively implemented computer system has the potential to be a great benefit to a health care organization. On the other hand, a disastrous computer system implementation can cause considerable difficulties for the organization in provider and staff frustration, organizational efficiency losses, costs to provide care, conflicts with the system vendor and likely the quality of care that is provided. The tools and processes for planning for a successful implementation are the same as those needed and have been successfully used to reverse a failed system implementation. The difference is their sequence and the sense of urgency. The tools and processes provided in this course have been used successfully in implementing health care computer systems for over 40 years - they have been used in the real world to successfully implement health care computer systems and … to turn around failed health care system implementations. This presentation discusses why they work. Areas Covered in the Session: The attributes of a successful system implementation Why implementations fail and how to avoid these problems How to develop successful implementation expectations by all stakeholders How to convert the successful implementation expectations into measurable metrics Establishing project plans - identifying the resources needed for the project and scheduling tasks What is good data and the role of the conversion process Developing manual support procedures How to establish processes for addressing problems and conflicts that occur during the project How to monitor the progress of the project and identify when problems occur and have processes for addressing the problems System testing and validation The role out - live use of the system - actual startup How to know when the project is completed How to apply these processes to a system implementation that has failed Who Will Benefit: Chief Executive Officer Chief Operating Officer Managing Partner Chief Financial Officer Office Manager IT Manager Health Care Software Vendors wanting to ensure successful implementation Jim Wener has over 40 years of experience in assisting health care organizations – both providers and payers- in identifying their automation requirements and helping these organizations select and successfully implement the automation most applicable for their needs. MentorHealth Roger Steven Phone No: 800-385-1607 FaX: 302-288-6884 webinars@mentorhealth.com Event Link: http://bit.ly/1n5DOhH http://www.mentorhealth.com/ Address: Online Event , Fremont, California |
| 16 |
How To Avoid Penalties for Fraud or Abuse In Your Health Care Practice or Organization
- Overview: Author and health care compliance expert Joseph Bate will define fraud and abuse to totally clear up any misconceptions that lead to prosecution, exclusion and civil penalties caused by providers who "just don't know". This topic will provide an effective tutorial for keeping your health care practice out of trouble. Real life case examples will be given to illustrate how health care provider's activity resulted in both fraud penalties and abuse penalties. Why should you attend: You need to be ever mindful of keeping your health care practice out of trouble and out of harms way. Concentrating on quality health care in your practice just is not enough to prevent the demise of your practice by regulators constantly looking over your shoulder. Many practices are uncertain about this and work under the assumption that when there is uncertainty whether a claim is payable, they should just submit the claim and let the payer screen for uncovered services. That's putting your head in the alligator's mouth! Areas Covered in the Session: Defining Fraud Fraud Penalties With Case Examples Defining Abuse Penalties For Abuse With Case Examples Six Tips For Avoiding Penalties For Fraud And Abuse Overview Of The Most Common Forms Of Fraud Overview Of The Most Common Forms Of Abuse Who Will Benefit: Health Care Providers And Organizations Health Care Compliance Officers Hospital CEO's & Administrators Health Care Legal Offices Joseph Batte is president of Kristall Associates, a compliance, and risk assessment specialist for the health care provider community as well as the litigation support community. He is a former special agent with the US Office of Inspector General and participated in the development of that Departments compliance guidance’s. He is a nationally known speaker on compliance and has authored the book "Doctors are from Jupiter, Compliance is from a galaxy far away. MentorHealth Roger Steven Phone No: 800-385-1607 FaX: 302-288-6884 webinars@mentorhealth.com Event Link: http://bit.ly/1ieBsQo http://www.mentorhealth.com/ Address: Online Event , Fremont, California |