"The use of this seal is not an endorsement by the HR Certification Institute of the quality of the program. It means that this program has met the HR Certification Institute's criteria to be pre-approved for recertification credit."

"This program, has been approved for 1 (General ) recertification credit hours toward PHR, SPHR and GPHR recertification through the HR Certification Institute. Please be sure to note the program ID number on your recertification application form. For more information about certification or recertification, please visit the HR Certification Institute website at www.hrci.org."

Overview: This is an intermediate webinar that assumes a basic level of understanding of the privacy and security rules under HIPAA. The webinar will begin with a review of some of the basic rules under HIPAA. This review will address the overall structure of the HIPAA law and regulations, the definition of a Covered Entity, the definition of a Group Health Plan and examples of Group Health Plans, the duties of a Covered Entity, the definition of a Business Associate, examples of Business Associates, definitions of Protected Health Information (PHI) and electronic PHI, the permitted and prohibited uses and disclosures of Protected Health Information, the "minimum necessary" rule and the general requirements of the security rules. The webinar will then review the changes to HIPAA made by the HITECH Act and the new regulations under HIPAA, which reflect the HITECH Act, GINA and other changes. The webinar will describe how the HITECH Act extends privacy and security obligations to Business Associates.

The webinar will also describe the new notifications that are required following a breach of unsecured electronic PHI. The webinar will also describe the increased penalties for violations. The webinar will describe how the final modifications to the HIPAA Privacy, Security, and Enforcement Rules make Business Associates directly liable for compliance for certain HIPAA requirements, expand individuals' rights to receive electronic copies of their health information, require modifications to, and redistribution of, a Covered Entity's Notice of Privacy Practices, modify the individual authorization and other requirements to facilitate research and disclosure of child immunization proof to schools, and to enable access to decedent information by family members, incorporate the increased and tiered civil money penalty structure provided by the HITECH Act and prohibit most health plans from using or disclosing genetic information for underwriting purposes, as required by GINA. The webinar will discuss the circumstances under which it is permissible to send unencrypted emails. The webinar will discuss the guidance regarding what constitutes unsecured electronic PHI and review the exhaustive list of what constitutes secured electronic protected health information. The webinar will discuss the definition of a breach and the new requirement that a breach must be presumed, unless an assessment determines that a breach has not occurred and the scope of the necessary assessment will be described. The webinar will also describe the changes that will be required to privacy notices and the deadlines for complying, which differ for paper notices and notices on web sites.

The webinar will discuss the fact that Covered Entities are now liable for the actions of their Business Associates. Covered Entities and Business Associates must comply with the new regulations by September 23, 2013. If privacy notices and Business Associate Agreements have already been amended to reflect the HITECH statute, any additional changes required by the regulations do not need to be made until September 23, 2014. The webinar will close with a review of the latest guidance from the Department of Health and Human Services with regard to keeping mobile devices secure.

Areas Covered in the Session:

• Review of the Basics of HIPAA Privacy and Security
• HITECH Act
• GINA
• New Regulations

Who Will Benefit:

• Vice President of Human Resources
• Director of Compensation and Benefits
• Benefit Manager
• Benefit Specialist
• Insurance Agent
• Insurance Broker
• Employee Benefits Consultant
• Group Insurance Representative