Webinar Overview

Navigating the IT requirements of the HIPAA Security Rule is one of the most challenging aspects of healthcare compliance, especially when it comes to the daily transmission of Protected Health Information (PHI). This session provides a detailed, practical guide to securing PHI across modern communication channels, cutting through the prevalent myths and complexities that surround this critical area.

Drawing from over 18 years of experience as a compliance auditor and expert witness in HIPAA-related litigation, the instructor will provide clarity based on real-world evidence and direct experience with OCR auditors. We will delve into specific, high-risk scenarios involving texting, email, portable devices, and voice data, separating legal requirements from industry hype. Critically, we will explore the growing trend of patients pursuing cash remedies for wrongful disclosures and demonstrate the proactive steps and enforceable best practices you can implement to significantly limit your organization's financial and legal exposure.

Why You Should Attend

Are you overwhelmed by the conflicting information online about what is and isn't allowed under HIPAA for IT and communication? This webinar is designed to provide definitive, experience-based answers. Misunderstanding your obligations for transmitting PHI is a primary source of liability for both Covered Entities and Business Associates.

Attend this session to:

• Understand the current enforcement landscape from HHS and the acute risks related to BYOD, texting, and email.

• Learn how to avoid being "low-hanging fruit" for audits and, more critically, for lawsuits from individuals whose PHI has been compromised.

• Gain insights from an expert who has testified in cases where poor IT practices led to costly litigation—a financial threat that now often exceeds the risk of federal penalties.

Areas Covered in the Session

• The 2024 Enforcement Landscape: Key regulatory updates and what they mean for your IT policies.

• BYOD (Bring Your Own Device): Developing and enforcing effective, legally defensible policies for personal devices.

• Portable Device Security: Implementing actionable best practices for laptops, tablets, and smartphones that access PHI.

• Clinician Texting: Practical, compliant solutions for doctor-to-doctor and doctor-to-patient communication.

• Business Associate Burdens: Clarifying the increased responsibilities and risks for vendors and how to manage them.

• Emailing PHI: Clear guidelines for determining when encryption is necessary and how to implement it effectively.

• Texting PHI: Understanding the requirements for secure medical messaging platforms versus standard SMS.

• The Federal Audit Process: A behind-the-scenes look at what triggers an OCR audit and how to prepare for one.

Who Will Benefit

This webinar is essential for any individual or organization that handles protected health information, including:

• Healthcare Practice Managers and Administrators

• Business Associates (Billing Companies, IT Vendors, Transcription Services, Answering Services, etc.)

• Physicians and Medical Professionals

• Chief Information Officers (CIO), IT Directors, and Security Staff

• Compliance Officers and Risk Managers

• Attorneys Representing Healthcare Entities

• Any person who directly or indirectly creates, accesses, or transmits PHI.