Healthcare compliances training and discussion blog

Posts tagged ‘Health Care Compliance Training’

How to understand the new HIPAA requirements to make sure you’re in compliance


The American Recovery and Reinvestment Act of 2009 (ARRA), also known as the stimulus bill, contains the HITECH Act that amends the Health Insurance Portability and Accountability Act (HIPAA), which was enacted in 1996.

“When HIPAA was first enacted, the health care industry was paper driven,” says Jeff Porter, a director with Kegler, Brown, Hill & Ritter. “HITECH is addressing some long-standing issues with HIPAA, as well as some newer issues that have arisen as a result of the advent of electronic health records and the online transfer of health information.”

Among the significant changes are the expansion of enforcement to states’ attorneys general and expansion of privacy and security provisions related to “business associates” and new breach notification provisions. In addition, penalties can now be imposed on individuals as well as entities.

Smart Business asked Porter for more information about the changes to HIPAA Training.

Who is covered by HIPAA?

You or a legal representative can determine whether you are a covered entity. The website for the U.S. Department of Health & Human Services (HSS.gov) and the Office of Civil Rights (OCR) provide good guidance in this regard. Covered entities typically include hospitals, nursing homes, medical offices that provide treatment and bill for those services, health insurance plans, and health care clearinghouses (e.g., companies that convert health records and other information into the coding necessary for billing and research). If you are a business associate of a covered entity (e.g., a medical billing firm or a home health care agency), and you are obtaining information for a purpose the covered entity might use it for, you fall under the HIPAA provisions which apply to business associates.

What changes have been made regarding penalties for noncompliance?

The penalties have changed in a couple of significant ways. First, in regard to enforcement, previously penalties could only be imposed on covered entities – now penalties can be imposed on individuals as well. If someone within an organization willingly neglects and doesn’t comply with the rules and makes wrongful disclosures, he or she will be subject to fines, as well as possible imprisonment. Second, in the past, enforcement and violations were addressed solely at the federal level by the Office of Civil Rights. Now, attorney generals are empowered to deal with enforcement and violations as well.

What is the impact on state privacy laws?

Although many believe that HIPAA is the sole controlling authority related to patient privacy, it does not however preempt state privacy laws and regulations. If provisions in the state privacy laws are more restrictive, then those provisions apply in addition to HIPAA. For example, Ohio has some of the stricter state privacy laws in regard to disclosure of protected health information. These laws have to be evaluated and reviewed to determine what additional actions might be needed in terms of notification and disclosures. The question for the future is whether states with these stricter privacy measures will impact exchange of health information with other states. In coming years, if we are going to have more free-flowing medical information, these issues will need to be addressed.

What is considered protected health information?

Protected health information is identifiable information related to treatment of a patient and that is maintained by a covered entity. In certain circumstances covered entities can release this information without authorization, for purposes of treatment, billing and health care operations. Covered entities can’t release information beyond those purposes without authorization of the patient. In addition, specific types of information are viewed as more sensitive (e.g., mental health and substance abuse information, information about certain diseases, such as HIV) in many states and more restrictions on disclosure exist at the state level.

What is a permissible disclosure?

Information can be disclosed if a patient authorizes it. Information must be disclosed by a protected entity if the HHS requests that information as part of an investigation. Permitted disclosures also include treatment information (to help treat a patient); information used to seek payment; or information used in the health care operations category if that information will improve the quality of care overall or part of the business overall.

Do patients have any new rights?

Patients will have a greater ability to try to find out who has accessed their protected health information. Past experience is that most patients never request such information. However, there will now be a greater ability for patients to request an accounting of disclosures. This means that covered entities and business associates could be asked to account for a good deal of information if they get a request. New regulations are being considered in this area, so it is an area to watch.

How can covered entities best keep up with the changes and protect themselves?

1) Keep an eye on releases from HSS about changes. 2) Consult with your legal representative. 3) Make sure your designated privacy officer is properly trained and that he or she is training your employees. 4) Keep open lines of communication with business associates and make sure any contracts you have with them include appropriate provisions that will require they comply with HIPAA and all other state laws which may come into play.

This article was originally posted at http://www.sbnonline.com/2012/03/how-to-understand-the-new-hipaa-requirements-to-make-sure-you%E2%80%99re-in-compliance/?full=1

 

Advertisements

The Criticality of Risk Assessments: FISMA, HIPAA, and other regs


 By Richard E. Mackey, Jr.
Dark Reading

One of the most important components in any security program is the risk assessment process. Regulations like FISMA, HIPAA, Red Flag Rules, and state privacy regulations require organizations to methodically assess risk and select security controls based on that assessment. The problem is that many organizations do not understand what it means to assess risk through a formal method. Worse yet, many IT people have a hard time understanding the practicality of formal assessments.What is a formal risk assessment?

Formal risk assessments are processes that consider the value of the assets that are at risk, the business and technical threats to the assets, and the effectiveness of the business and technical controls that are designed to protect the asset. In the end, a risk assessment gives the organization an objective measure of the risk to an asset. The process forces the organization to acknowledge and accept the risk, eliminate the risk by terminating a business practice (e.g., stop offering access to the asset via the web), transfer the risk by outsourcing or insurance, or, more often than not, select additional more effective business or technical controls to reduce the risk.

The benefits of formal risk assessments

Conducting formal assessments within a risk management program a number of benefits.

Formal assessments: 1. Require business and technical representatives to reason about risk in an objective, repeatable, way 2. Require consistent terminology and metrics to discuss and measure risk 3. Justify funding for needed controls 4. Identify controls that provide can be eliminated 5. Provide documentation of threats that were considered and risks that were identified 6. Require business and IT to acknowledge the responsibility for ownership of risk 7. Require organizations to track risks and reassess them over time and as conditions change

Why are risk assessments so important in compliance?

There is a good reason for so many regulations to include a requirement for risk assessment. It is only sensible that a regulatory body cannot dictate the controls that are necessary in every environment. What might be appropriate for a large company with a significant web presence could be overkill for small organization with a few customers. If the threats are different and the environment is different, it stands to reason that the controls may be different.

It is interesting to note that even the most prescriptive standards (e.g., PCI DSS) require risk assessments to determine the need for and effectiveness of controls. On the less prescriptive side of the regulatory spectrum, HIPAA and FISMA have very few required controls but expect the entire program to be risk based. This approach makes sense when one standard needs to apply to everyone.

Choosing a risk management framework

If your organization needs to comply with FISMA, your risk management approach should be based on NIST Special Publication 800-39. This document provides an overall description of the risk management lifecycle. Risk assessment, which is one part of the risk management program, is described in NIST Special Publication 800-30 (which is being revised). SP 800-30 provides a stepwise method for assessing risk that can be customized for a given organization.

Another good source of risk management documentation is provided by the OCTAVE project developed at Carnegie Mellon University. Both NIST and OCTAVE provide excellent sources for building a risk management program that help organizations meet their security and regulatory requirements.

This article was originally posted at http://www.darkreading.com/blog/231600781/the-criticality-of-risk-assessments-fisma-hipaa-and-other-regs.html

Cost Effective Health Compliance Training


emPower eLearning Solutions is the leading provider of effective online compliance and
competency training courses and learning management systems (LMS) to healthcare facilities.

As a health care management professional, you are not only responsible for providing exceptional care for your patients but also for making sure that the care they receive is delivered within guidelines set by the government and corporate entities. In order to manage your institution, you need to find ways to ensure healthcare security compliance tactics that are effective without draining your resources.

We understand the unique challenges you face trying to implement policies that ensure compliance while providing more effective care for your patients. That’s why emPower eLearning Solutions are dedicated to helping our clients discover new methods to train and educate their staff on ways to improve all aspects of their organization. From improving procedures to providing corporate health compliance training to bringing your hospital or institution in line with the policies of your parent company, we can help.

For More http://www.empowerbpo.com/home_health_aide.html

Mobile solutions, new tech to play key roles at HIMSS Read more: Mobile solutions, new tech to play key roles at HIMSS


Along with interoperability, mobile solutions and new digital technologies will be among the biggest foci of the upcoming HIMSS conference (Feb. 20-24) in Orlando, Fla. We’ll be hosting an executive breakfast on Tuesday, Feb. 22 at the Wyndham Orlando Resort on mHealth’s ever evolving role in achieving Meaningful Use. And the health IT fair will showcase new mobile products from RIM, Sprint Nextel, and Siemens, which is teaming up with Enterasys.

NaviNet, which specializes in online communications between physician practices and health plans, will unveil its first set of mobile products since acquiring Prematics last fall. Prematics, which started with e-prescribing software subsidized by health plans, now offers clinical messaging and care management platforms, as well. NaviNet has integrated these patient information capabilities with its own revenue cycle management solution and connections with health insurers.

Health plans will also be represented at HIMSS through recent acquisitions of health information exchange (HIE) vendors. Axolotl, which was purchased by United subsidiary Ingenix, and Medicity, now part of Aetna, both will have a presence. Ingenix also will be touting its acquisitions of Picis, A-Life Medical and Executive Healthcare Records.

Also of interest on the exhibition floor will be the emergence of the “digital pen” technology, which promises to make it easier for physicians to document visits in electronic health records. Shareable Ink, already being used in many emergency departments, is about to announce a deal with a major ambulatory EHR vendor. Anoto, another digital pen firm, describes outpatient EHR vendor NextGen as its partner.

To learn more:
– explore the conference agenda and exhibitor list at the HIMSS website
– read about the Navinet-Prematics solution

Physician Executives Should Not Ignore How Smartphones Will Transform Healthcare


Bottles Physician executives who ignore smartphones and their healthcare applications will miss the most important disruptive technology trend in the next five years. Physician executives who understand how smartphones will transform the industry for providers, payers, patients, and employers will thrive in their careers.

Rajeev Kapoor, a former executive at Verizon, describes the smartphone-enabled transformation: “The paradigm of healthcare has changed. You used to bring the patient to the doctor. Now you take the doctor, hospital, and entire healthcare ecosystem to the patient.” (http://ow.ly/3GIir) Susannah Fox of the Pew Research Center’s Internet and American Life Project offers a specific example when she talks about the celiac disease patient who uses her smartphone to evaluate food products in the grocery store.

“You cannot call your gastroenterologist every time you buy a new product.” (http://e-patients.net/index.php?s=fox) David Jacobson of Wellpoint notes that “The technology of telehealth is well ahead of the socialization of the telehealth idea and we are at a tipping point for utilization to begin taking off.” (http://ow.ly/3GIir)

The Global mHealth Developer Survey found that today 78% of respondents said that smartphones offer “the best business opportunities for mobile healthcare” in 2011; by 2015, 82% said smartphones would dominate the industry. Cell phones, tablets, and PDAs trailed smartphones in popularity according to the survey. (http://ow.ly/1aVf9V)

Smartphones run on a specific operating system and can download applications (apps) that run on the operating system. The most popular operating systems in the United States are iPhone, BlackBerry, Windows Mobile, Palm, Web, Symbian, and Android. (http://ow.ly/3GIwf) We are just beginning to discover how to harness the smartphone’s computing power, cameras, audio, video, motion sensors, and GPS functions to better manage health and wellness. (http://ow.ly/3gVzg)

In contrast to the rather slow adoption rate for both health information technology and personal health records, smartphone use is skyrocketing. In October 2006 15% of Americans owned a smartphone; by December 2009 that number was 42%. Surprisingly, one report noted that the smartphone market was “unfazed by the recession.” (http://ow.ly/3GIwf) In late January 2011 Apple reported that someone downloaded the 10 billionth app for the iPhone. (http://ow.ly/3IlLY) That lucky smartphone user received a $10,000 gift card to the iTunes store.

Why are smartphones so popular? The ability to carry around a handheld computer that is user-friendly and that allows users to do things anywhere at any time is attractive. One research whitepaper coined the term “care anywhere” for smartphone-enabled health care. (http://ow.ly/3GIir) But it has to be more than just that when people routinely say they “love their iPhone.”

MIT’s Sherry Turkle in her book Evocative Objects: Things We Think With writes “We think with the objects we love, and we love the objects we think with.” She also emphasizes how important it is that we carry this “second self” with us at all times. Mark Rolston, chief creative officer of Frog Design, observes that people grieve when they lose a personal electronic device. “You are leaving your brain behind,” he says (http://ow.ly/3jjCG).

Joseph Kvedar, MD, director of the Center for Connected Health at Partners HealthCare in Boston, states that humans find it easy and natural to anthropomorphize pet rocks and tomagotchis, and that we are truly forming trusting relationships with our smartphones. (http://e-patients.net/index.php?s=fox) In her new book, Alone Together: Why We Expect More from Technology and Less from Each Other, Turkle explores the positive and negative consequences of this love affair with smartphones and other forms of technology.

Demographics will also drive increased use of smartphones in health care. The first of the 78 million baby boomers will turn 65 in 2011 and as the sandwich generation who are concerned about the welfare of their children and their parents, they know the importance of health and wellness. Boomers also lead all generations in technology spending, and they will use smartphone technology to foster ongoing independence for themselves and to care for their relatives who live across the country. John Sherry, Director of User Experience Design for Intel, observes, “A number of economic, generational, and societal factors combine to make boomers likely early users of remote health monitoring and management products.” (http://ow.ly/3GIPJ)

Smartphones will transform healthcare by offering solutions in four classes of activities: communication, transactions, knowledge, and integration of information. (http://ow.ly/3GIir)

Communication

Communication between all players in the healthcare space will be changed by the use of smartphones. The most obvious arena to examine is the patient/doctor relationship. People who access scientifically sound advice through their smartphones wherever they find themselves can become more independent, empowered, self-managing patients as the above celiac example shows. Smartphones also make patients more likely to participate in online conversations with other patients on social media websites like PatientsLikeMe and DiabetesMine. Patients want to communicate with their physicians via email, but physicians have been slow to accommodate this desire. Although many consumers have not been able to use smartphones for communication with their provider, 85% of those that have connected with their doctor by means other than face-to-face were satisfied with their discussion. (http://ow.ly/3GIir)

Physicians worry about patient compliance, and 88% would like their patients to be able to monitor their weight, blood sugars, and vital signs on their own. 66% of physicians said they would like to use email for administrative communications like appointment reminders, but only 23% of consumers preferred communication by email for such simple communications. (http://ow.ly/3GIir) Forty percent of physicians said 30 percent of office visits could be avoided with the use of remote monitoring, email or text messaging with patients. (http://ow.ly/3GIPJ) A Mayo Clinic two-year study found that e-visits could replace in-office visits in 40 percent of 2,531 cases. (http://ow.ly/3GIir)

The Good Shepherd Health System developed their own iPhone app to help physicians access medical records, track vital signs, order medication, and coordinate care with other team members. Physicians from Duke, Harvard, and the John Theurer Cancer Center have worked with Zibbel, a health solutions technology company, to create a smartphone enabled virtual network for mobile cardiology and oncology consults between experts. (http://ow.ly/3GIir)

Smartphone technology can also change and improve communication between consumers and their pharmaceutical companies, health plans, employer, and health system. Michael Mathias, Aetna’s chief technology officer comments, “The days of mass communication are over. We can now deliver customized communications through mobile apps, online, telephonically, or through mail based on our understanding of how each member wants to be communicated with.” (http://ow.ly/3GIir)

Kaiser and Mayo are both developing smartphone apps to help patients managing chronic conditions and healthy consumers who want to stay fit. Scott Eising of Mayo Clinic says, “We’re a very content-oriented organization. In our research into the mobile health consumer, we found that people are looking for very action-oriented information.” Mayo Clinic has launched Mayo Clinic Meditation and Symptom Checker iPhone apps so that we can “take care of patients here and ‘there,’ whether at home or at work.” (http://ow.ly/3GIwf)

Qualcomm is creating “the clinic without walls” to take care of its 12,000 employees in the San Diego area. Using the Myca Health platform, Qualcomm’s health staff can consult remotely with mobile employees via smartphones. “People are so connected to phones, they’re an extension of themselves. You can’t have your doctor with you all the time but the phone can keep you on the right path toward health and wellness,” states Dr. Marion Zabinski. (http://ow.ly/3GIwf)

Merck Serono has developed a smart electronic injection device with two-way Bluetooth communication functions that track all injections made by the patient. When an injection is missed, nurses contact the patient to remind them to adhere to the treatment plan. (http://ow.ly/3GIir)

Transactions

The ability of consumers to use smartphones to book a flight or make a hotel reservation has revolutionized the travel industry, and many predict health care will soon follow suit.

The first area in healthcare that has utilized smartphones for transactions is e-prescribing. The most common prescription orders that a doctor uses can be automatically populated on their smartphone. Donald Burt, MD, chief medical officer of PatientKeeper, says their 25,000 physician users spend 20 percent of their time on their smartphone. Trusted nurses can post prescription order request on smartphones, and the physician can modify or approve the order no matter where they are located physically. A PricewaterhouseCoopers 2010 survey found that over 80 percent of both specialists and primary care doctors were interested in e-prescribing using their smartphones. (http://ow.ly/3GIir)

Aetna has made transaction functions such as physician finder and claims check available on smartphones. CVS Caremark has iPhone apps for prescription drug information and patient management of drug refills as well as for retail location finder functions. (http://ow.ly/3GIir)

Knowledge

Allowing physicians to have access to the latest evidence-based medicine knowledge at the point of care may be the most exciting and important application of smartphone technology. In a national survey, one third of physicians responded they make decisions based on incomplete information in nearly 70 percent of the patients they see. (http://ow.ly/3GIir) Lay people are also utilizing this technology to become wiser consumers of health care.

Epocrates is perhaps the best example of a mobile reference resource that physicians turn to in real time for information about the patients they are seeing right now. Epocrates’ drug reference app is the most popular free medical download for iPhones, and one study documented that 60 percent of Epocrates users avoided three or more medical errors a month. More than 125,000 doctors use Epocrates on iPhone and iPod touch devices. (http://ow.ly/3GIwf)

UpToDate is another evidence-based, peer-reviewed information resource available via smartphones. Over 400,000 providers use UpToDate for their synthesis of the medical literature, the latest studies, and treatment recommendations. (http://www.uptodate.com/home/index.html)

Skyscape has put together the largest library of medical resources that is available for smartphones, and the Medical Encyclopedia from the University of Maryland was one of the top ten free apps in the iTunes Store in December 2009. FDA Recalls is a free app for iPhones that keeps clinicians on top of which products have recalled by the manufacturer. (http://ow.ly/3GIwf)

Diagnostic tools for clinicians are too numerous to catalog. Examples include Diagnosaurs for general diagnosis, ARUP Consult for laboratory, OsiriX for digital imaging, Instant ECG for ECG interpretation, Vigilance for Emergency room situations, AirStrip OB for obstetrics, and American Well for remote physician consultations. (http://ow.ly/3GIwf)

Consumers are also using smartphones apps to keep abreast of medical knowledge. The Evincii app matches symptoms to over the counter medications, and the Mayo Clinic Symptom Checker iPhone app became available in early 2010. (http://ow.ly/3GIwf) Consumer interest has been highest in fitness and weight control apps (Tap & Track, iTreadmill, Walk It! And Pedometer-Widget), Diabetes Management (Glucose Buddy, Handylogs Sugar), High Blood Pressure Management (HeartWise, My Blood Pressure and Heart Rate), sleep hygiene (Sleep Cycle Alarm Clock, Smart Alarm Clock), Stress Reduction (Stress Free with Deepak Chopra, Rage Eraser), and First Aid (Pocket First Aid & CPR). (http://ow.ly/3gVzg)

Integration of Information from Diverse Sources

Perhaps the biggest challenge for both consumer and physician is how to integrate all of this information that is available via smartphones. It truly is like drinking from a fire hose, and the amount of information can be overwhelming.

Health systems have been focused on implementation of the electronic medical records, and the Patient Protection and Affordable Care Act has provided billions of dollars to support rapid adoption. Unfortunately both the hospital systems and the Office of National Coordinator have largely ignored the importance of integrating mobile health into other health information technology efforts. For example, two thirds of physicians in a national survey said they were using smartphones in their practice that are not connected to either their office or hospital HIT systems. Thirty percent of physicians said their health systems or medical group would not provide support for smartphones. (http://ow.ly/3GIir)

Many physicians and hospital administrators, tired of wearing multiple devices on their belts, have wanted their IT Departments to consolidate all messaging functions to smartphones. Most hospitals already have invested in pagers, cell phones, Vocera badges, SpectraLink Wi-Fi phones, and two-way radios, and what works for maintenance staff may not work for ICU nurses. A research white paper reporting on the experience of smartphone early adopter hospitals recommends supporting a variety of devices at the present time, but it also warns against being too slow to adopt smartphones. It also points out that work processes have been designed around the currently employed technologies and replacement by smartphones will necessitate work process redesign which may result in cost-savings. (http://ow.ly/3HalT)

Smartphones in health care will not live up to their full potential if integration is not successful. No matter how many readmissions for congestive heart failure remote weight monitoring at home could avoid, such programs will fail if the information does not appear in the office or hospital medical record.

Joseph Kevdar, MD, director of the Center for Connected Health at Partners HealthCare, stated that while “sensor technology may be rapidly becoming commoditized, integration with EMR and data aggregation systems is not something we have done well. We need to get better at gathering information, adding logistical software to get to the intersection of all the data and population health management.” (http://ow.ly/3GIir)

There are technological advances that are promising, according to Kvedar. Emotional sensors predict the patient’s mood by analyzing their voice (Cogito) or by facial recognition (Affectiva). Bodytrace’s wireless weight scale, Telecare’s wireless glucometer, and Vitality’s GlowCaps device all can find mobile networks when the sensor is triggered and so transmission of clinical data does not require the patient to do anything. (http://ow.ly/3K2FR)

Conclusion

Smartphone technology is already transforming the healthcare industry, but many physician and hospital leaders have not thought through the implications of their widespread adoption by both consumers and physicians. By understanding the implications of smartphones for communication, transactions, knowledge, and integration, leaders can begin to map successful strategies and tactics during a time of delivery system and payment reform. As John Mattison, MD, of Kaiser Permanente states, “The new wellness delivery channel for ubiquitous care will be the smartphone, and it will happen sooner than you think.” (http://ow.ly/3GIwf

This article was originally posted at http://www.thehealthcareblog.com/the_health_care_blog/2011/01/physician-executives-should-not-ignore-how-smartphones-will-transform-healthcare.html

HIPAA Compliance Business Associates Shouldering More Responsibilities


Business associate is an individual, group or an organization which participates or performs some activities on behalf of the Covered Entity in a capacity as a business partner and is not member of the workforce of the Covered Entity. The Privacy Rule lists some of the functions or activities, as well as the particular services, which makes a person or entity Business Associate, if the activity or service involves the use or disclosure of protected health information. The types of functions or activities that may make a person or entity a business associate includes payment or health care operations activities, as well as other functions or activities regulated by the Administrative Simplification Rules.

The new amendment to HIPAA Privacy and Security rule recently passed by Health Information Technology for Economic and Clinical Health Act (HITECH Act) and which came into effect from February 17, 2010 makes it mandatory for all the Covered entities to revise their Business Associate Contract. This has increased the scope of the law as more entities are obliged to follow the HIPAA compliance norms. At same time the amendment adds more responsibilities on the existing Business Associates.

The Covered Entities and their existing Business Associates now have to re-negotiate their existing contracts to achieve HIPAA compliance. The Business Associates now on, have to take adopt additional procedures to completely fulfill the physical, administrative, technical and documentation requirements of the rule. The amendment makes it mandatory for the Business Associate to report loss of unsecured data to the individual patients and/or the public media,depending upon scale of the violation.

The new regulatory requirements make it necessary for the Business Associate to thoroughly carry out the risk analysis for their systems and infrastructure to know the existent loopholes in the security. The next step is to develop appropriate policy which effectively removes the security loopholes by incorporating technical security measures like email encryption, user account management, auditing and a proper disaster backup plan.

Henceforth the Business Associate will also play a more responsible and active role in secure management of the patient health information, which earlier, before this amendment, was sole responsibility of the Covered Entity.

Business Associate plays important role in preserving the privacy of the patient health information.

About emPower

emPower is a leading provider of comprehensive Healthcare Compliance Solutions through Learning Management System (LMS). Our mission is to provide innovative security solutions to enable compliance with applicable laws and regulations and maximize business performance. We provide range of courses to manage compliance required by regulatory bodies such as OSHA, HIPAA, Joint commission and Red Flag Rule etc. Apart from this emPower also offers custom demos and tutorials for your website, business process management and software implementation.

Our Learning Management system (LMS) allows students to retrieve all the courses 24/7/365 by accessing our portal. emPower e-learning training program is an interactive mode of learning that guides students to progress at their own pace.

For additional information, please visit http://www.empowerbpo.com/HIPAA_Compliance_Training_Course_Template_Policies.html

emPower e-learning Solutions launches course to train employees and help you create policies on new amendments on HIPAA and ARRA act


emPower provides e- learning courses as mandated by the U.S. Government and other regulatory bodies like HIPAA, OSHA, Joint Commission and Red Flags rule. The successful passage of the new Health plan of Obama Government and resultant health care regulations have made it mandatory for the Covered health service providers, Practices and their Business Associates to achieve complete compliance to stay on the right side of the law. This, they can easily do by providing proper compliance training to their employees and in process eliminate expensive compliance risks. The latest amendment to HIPAA Privacy and Security rule, which came into effect from February 17, 2010, makes it mandatory for all the Covered entities to revise their Business Associate Contract.

The Business Associates now on share more responsibility for protection of the privacy of the patient health information. Any lapse on their part can invite serious penalties or criminal conviction, depending upon the severity of the violation. Keeping this in mind emPower, as a part of its compliance training program, has launched two online courses; one on amendment related to Business Associate Contract and the other one in policy template form. The template form provides an easy option to just sign a standard agreement policy, framed by the Regulatory authority and enter into a business alliance with Covered Entity in legal manner.

The course trains both the existing and prospective Business Associates to achieve complete compliance to the HIPAA norms through secure and efficient documentation, management and transaction of the patient health information with the Covered entities as per their written business agreement.

About emPower

emPower is a leading provider of comprehensive Health care Compliance Solutions through Learning management system (LMS). Our mission is to provide innovative security solutions to enable compliance with applicable laws and regulations and maximize business performance. We provide range of courses to manage compliance required by regulatory bodies such as OSHA, HIPAA, Joint commission and Red Flag Rule etc. Apart from this emPower also offers custom demos and tutorials for your website, business process management and software implementation.

Our Learning Management system (LMS) allows students to retrieve all the courses 24/7/365 by accessing our portal. emPower e-learning training program is an interactive mode of learning that guides students to progress at their own pace.

For additional information, please visit http://store.empowerbpo.com/

Tag Cloud