The U.S. Department of Health and Human Services (HHS) has recently expanded HIPAA compliance requirements and increased enforcement and penalties, making compliance training even more important for plan sponsors.
This class will provide employers with an overview of HIPAA’s privacy, security, breach notification, and enforcement rules from a Human Resource perspective. Employers’ responsibilities under these laws are rapidly changing and expanding with the implementation of health care reform. This class will review key terms and concepts, including “covered entities,” “Protected Health Information (PHI and ePHI),” “business associate,” and “breach notification.” The class also will discuss special enrollment rights, non-discrimination, and security rule compliance requirements including reporting requirements for security breaches.
- How are covered entities defined and what types of plans are subject to HIPAA?
- What are HIPAA’s special enrollment rights and nondiscrimination requirements?
- How is Protected Health Information (PHI or ePHI) defined and what are the restrictions on the use and disclosure of PHI?
- What rights do plan participants have?
- What are the privacy notice requirements?
- What are the responsibilities of a designated Privacy Officer and who should serve in this role?
- What are the HIPAA Security Rule requirements? Who are Business Associates and what are Business Associate Agreements?
- When, and to whom, does an organization need to report a security breach?
- What are the penalties for non-compliance?
Who Should Attend
Human resources directors and managers, benefits administrators, and designated privacy officers for group health plan sponsors. Please note that IT and health care provider requirements are not addressed.
Employers Council staff attorney