It's hard to believe, but a year has already passed since the deadline for the HIPAA Omnibus Final Rule went into place. Although the language is set, the full impact is still playing out.
Recent changes within the Office of Civil Rights (OCR) and its leadership have energized enforcement and changed what healthcare organizations can expect during the next 12 months. Listen to Mac McMillan, Chair of the HIMSS Privacy and Policy Task Force, for a unique update on:
Who's in, who's out at the OCR and what it means for you;
Future audits and changes to the OCR enforcement approach;
What data protection issues will be at the forefront as we move into 2015.
Steven Irons from Zix will join Mac McMillan to highlight the latest developments in email encryption, and BYOD and how they can support your compliance needs.
Throughout 2014 we witnessed a continued barrage of negative news stemming from healthcare's lack of data protection preparedness. OCR was active in their role as enforcer and educator but clearly much more can be done. This session will provide an update on what enforcement action was taken throughout 2014 along with what to expect moving forward.
For example, recently OCR announced plans to begin a renewed Audit program. The current plan calls for audits of up to 1,200 HIPAA covered entities, including health plans, healthcare clearinghouses and certain healthcare providers, and business associate. The expectation is that more of the audits will be on-site audits and fewer remote "desk audits" than officials originally planned.
One simple area to address is the requirement to safeguard PHI during transmission via email. The insecure nature of email combined with its inherent high volume of traffic makes it particularly susceptible for HIPAA-related violations. This reliance on email should inevitably place it at the top of the healthcare compliance checklist. Zix has helped thousands of healthcare organizations meet their HITECH/HIPAA compliance obligations. This session will outline easy email encryption solutions along with a fresh new approach to securely enabling BYOD.
McMillan is co-founder and CEO of CynergisTek Inc., a firm specializing in information security and regulatory compliance. He has more than 30 years of federal and private sector experience in managing and delivering information security services and is chair of the HIMSS Privacy and Security Steering Committee.