HIPAA –Emailing, Texting, and Personal Devices (myths vs realities)
Brian L Tuttle, CPHIT, CHP, CHA, CBRA, CISSP, CCNA
Brian L Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 18 years’ experience in Health IT and Compliance Consulting. With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 18 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr. Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR. Almost all of Brian’s clients are earned by referral with little or no advertising. Brian is well known and highly regarded in medical circles throughout the United States for his quality work and down-home southern charm.
Mr. Tuttle has a Master’s Degree in Health Sciences from Georgia State University and works nationally out of Kennesaw, GA with his wife Tiffany and two rescue dogs Willie and Butter Bean.
This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA/HITECH Security Rule and securing PHI in transmission. I will go through multiple examples and specific scenarios and also offer simple common-sense solutions.
Areas covered will be texting, email, encryption, medical messaging, voice data, personal devices, and risk factors. I will uncover myths versus reality as it relates to this very enigmatic law based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors.
I will speak on specific experiences from over 18 years of experience in working as an outsourced compliance auditor, an expert witness on multiple HIPAA cases in state law, and thoroughly explain how patients are now able to get cash remedies for wrongful disclosures of private health information. More importantly, I will show you how to limit those risks by simply taking proactive steps and utilizing best practices. Don’t always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required.
- Updates for 2018
- Policies regarding personal devices
- Portable devices – best practices
- Doctors and texting
- Practical solutions
- Business associates and the increased burden
- Emailing of PHI
- Texting of PHI
- Federal Audit Process
Who Should Attend
- Practice managers
- Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc)
- MD’s and other medical professionals
- Private practice
- Billing companies
- Transcriptions companies
- Home health groups
- Health insurance
- IT companies
Why Should Attend
Confused about all of the misinformation relating to HIPAA, what you can and can’t do? Let me get those questions FINALLY answered for you once and for all!. There is, unfortunately, a lot of confusion about transmissions of protected health information and what we as business associates and covered entities need to do and what we SHOULD NOT do. It is important to understand the new changes going on at Health and Human Services as it relates to the enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, emailing, and transmission in general of protected health information (PHI).
You need to know how to avoid being low hanging fruit in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been an expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. These day’s trial attorney poses a higher risk than the Federal government.