3 Webinars to Understand about HIPAA's Audit, Privacy Requirements,Security Rule and Securing PHI in Transmission

HIPAA Audits – an Insiders Perspective

Presented By Brian L Tuttle

I will be speaking to real life audits conducted by the Federal government for Phase 2 and beyond (I’ve been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). It seems almost daily I am receiving calls from nervous practice managers and compliance officers all over the USA regarding a HIPAA audit letter or call they have received. This lesson will be addressing how to practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2018.  

The primary goal is to ensure everyone is well educated on what is the myth and what is the reality with this law, there is so much misleading information all over regarding the do’s and don’ts with HIPAA – I want to add clarity for compliance officers and practice managers. I will uncover myths versus reality as it relates to this very enigmatic law based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. In addition, this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. – MAJOR RISKS HERE – I will discuss real-life cases I have been a part of and how to avoid being dragged into litigation altogether.

HIPAA –Emailing, Texting, and Personal Devices (myths vs realities)

Presented By Brian L Tuttle

This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA/HITECH Security Rule and securing PHI in transmission. I will go through multiple examples and specific scenarios and also offer simple common-sense solutions.

Areas covered will be texting, email, encryption, medical messaging, voice data, personal devices, and risk factors. I will uncover myths versus reality as it relates to this very enigmatic law based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors.  

I will speak on specific experiences from over 18 years of experience in working as an outsourced compliance auditor, an expert witness on multiple HIPAA cases in state law, and thoroughly explain how patients are now able to get cash remedies for wrongful disclosures of private health information. More importantly, I will show you how to limit those risks by simply taking proactive steps and utilizing best practices. Don’t always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required.

HIPAA and Social Media Violations of HIPAA’s Privacy Requirements

Presented By Mark Brengelman

This webinar provides an overview of core privacy requirements of HIPAA. Then, the subject moves to the social media activities of healthcare practitioners. This webinar provides a brief summary of those basic HIPAA privacy protections then goes into detail on the many ways a health care provider may run afoul of the privacy exceptions via the use of social media. This may occur both when a healthcare practitioner initiates a social media comment and when the practitioner responds to a social media statement. A common pitfall is where current or former patients rate doctors on health care practitioner rating websites.  

How does one respond and not violate the law? Can the doctor’s informed consent or practice policy documentation with the patient cover this and prevent the patient from speaking out on social media about the doctor? This webinar will cover examples of state laws that apply to licensed health care professionals that mandate confidentiality and will further examine how healthcare professionals’ licenses can be suspended or revoked for privacy violations in the course of using social media. Finally, a look at how the employment rules of the healthcare facility may impact the use of social media by the healthcare practitioner.


Brian L Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 18 years’ experience in Health IT and Compliance Consulting. With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 18 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.

In addition, Mr. Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR. Almost all of Brian’s clients are earned by referral with little or no advertising. Brian is well known and highly regarded in medical circles throughout the United States for his quality work and down-home southern charm

Mr. Tuttle has a Master’s Degree in Health Sciences from Georgia State University and works nationally out of Kennesaw, GA with his wife Tiffany and two rescue dogs Willie and Butter Bean. 



Mark Brengelman worked as the assigned counsel to numerous health professions licensure boards as an Assistant Attorney General for the Commonwealth of Kentucky. Moving to private practice, he now helps private clients in a wide variety of contexts who are professionally licensed. Mark became interested in the law when he graduated with both Bachelor's and Master's degrees in Philosophy from Emory University in Atlanta. He then earned a Juris Doctorate from the University of Kentucky College of Law. In 1995, Mark became an Assistant Attorney General and focused in the area of administrative and professional law where he represented multiple boards as General Counsel and Prosecuting Attorney. Mark is a frequent participant in continuing education and has been a presenter of over thirty national and state organizations and private companies, including webinars and in-person seminars. National and state organizations include the Kentucky Bar Association, the Kentucky Office of the Attorney General, and the National Attorneys General Training and Research Institute.

This bundle course webinar will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures, how it relates to the HIPAA/HITECH Security Rule and securing PHI in transmission and how social media violations may occur among healthcare practitioners.

The webinar format is 1-1.5 hours of audio-visual presentation, including a brief Q&A session.

This webinar bundle includes below 3 recorded webinars:

HIPAA –Emailing, Texting, and Personal Devices (myths vs realities)
HIPAA and Social Media Violations of HIPAA’s Privacy Requirements

  • $150.00