Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.
Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.
Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master's degree from the Massachusetts Institute of Technology.
While the worldwide pandemic has prompted some relaxation of HIPAA requirements in specific circumstances to ease provision of medical services while preserving social distancing requirements and addressing emergency vaccination needs, enforcement of HIPAA has continued.
The session begins with overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule, such as Individual Rights and Uses & Disclosures, and recent and expected changes to HIPAA and other rules such as 42 CFR Part 2 regarding Substance Use Disorder information, including the impacts of required changes in your practices to meet the rules.
The definition of a HIPAA Business Associate casts a wide net of healthcare business activities, including any business that creates, receives, maintains, or transmits any Protected Health Information on behalf of a HIPAA Covered Entity or Business Associate, and even sub-contractors of Business Associates are also treated as business associates, greatly expanding the pool of entities under regulation to some that may not even be aware they have become HIPAA Business Associates.
HIPAA Compliance has recently seen big changes in how the rules are enforced during the COVID-19 pandemic emergency and for individual access requests, long-overdue changes may be coming to regulations on Accounting of Disclosures of Protected Health Information (PHI), we can expect new rules regarding the HIPAA Notice of Privacy Practices and calling patients' cell phones, and a little-used HIPAA right may become a hot topic if the Affordable Care Act is threatened.
This session is designed to provide intensive training in HIPAA Privacy Rule compliance designed for both the seasoned HIPAA professional as well as the individual newly appointed to the position of HIPAA Privacy Officer.
This seminar is designed to provide intensive training in HIPAA Security and Breach Notification Rule compliance designed for both the seasoned HIPAA professional as well as the individual newly appointed to the position of HIPAA Security Officer.
Professional communications involving Protected Health Information must be conducted securely, according to guidance from HHS and any reasonable Risk Analysis required by the Security Rule, so any office communications must be carefully controlled to avoid breaches of PHI.