Recorded Webinars

Paul R. Hales

HIPAA Rules for Social Media, Web Sites & Patient Reviews

Health care is a profession and also a highly competitive business.

Paul R. Hales

AI, Health Care & HIPAA - New Compliance Challenges

Artificial Intelligence (AI) is transforming health care, drawing on vast resources of health information to reshape everything from diagnosis to treatment, payment, health care operations, research and much more.

Paul R. Hales

Update - Intensified Battle over OCR & FTC Tracking Tech Enforcement

Online Tracking Technologies capturing individual health information are suddenly in the cross hairs of government regulators and private people bringing class action lawsuits.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

Paul R. Hales

AI, Health Care & HIPAA - New Compliance Challenges

Artificial Intelligence (AI) is transforming health care, drawing on vast resources of health information to reshape everything from diagnosis to treatment, payment, health care operations, research and much more.

Paul R. Hales

HIPAA Rules for Social Media, Web Sites & Patient Reviews

The Internet is jam-packed with unwitting but highly visible HIPAA violations committed by Covered Entities on their social media pages like Facebook, their organization's web site, patient testimonials they post and their responses to patient reviews - whether the review is positive or negative.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

Paul R. Hales

AI, Health Care & HIPAA - New Compliance Challenges

Artificial Intelligence (AI) is transforming health care, drawing on vast resources of health information to reshape everything from diagnosis to treatment, payment, health care operations, research and much more.

Paul R. Hales

HIPAA Rules for Social Media, Web Sites & Patient Reviews

The Internet is jam-packed with unwitting but highly visible HIPAA violations committed by Covered Entities on their social media pages like Facebook, their organization's web site, patient testimonials they post and their responses to patient reviews - whether the review is positive or negative.

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

How to do HIPAA Risk Analysis & Risk Management Step-by-Step

The HIPAA Rules require Covered Entities and Business Associates to do Risk Analysis and Risk Management (RA-RM) but do not explain how to do them. OCR consistently calls Risk Analysis the foundation of every HIPAA Compliance program.

Paul R. Hales

HIPAA Rules for Web Sites, Social Media, & Patient Reviews

The Internet is flooded with highly visible, dangerous HIPAA violations committed unknowingly by health care providers on their websites, their social media like Facebook, and in posting or responding to Patient Reviews about the quality - good or bad - of the health care provider service.

Paul R. Hales

HIPAA Compliance for Remote Workers

Remote work involving PHI is here to stay - at least for a while: The Covid-19 Public Health Emergency has ended. But one effect of the pandemic remains - some covered entity and business associate staff continue to work at home or other remote locations where their duties involve receiving, creating, maintaining and transmitting protected health information (PHI).

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

How to do HIPAA Risk Analysis & Risk Management Step-by-Step

The HIPAA Rules require Covered Entities and Business Associates to do Risk Analysis and Risk Management (RA-RM) but do not explain how to do them. OCR consistently calls Risk Analysis the foundation of every HIPAA Compliance program.

Paul R. Hales

HIPAA Rules for Web Sites, Social Media, & Patient Reviews

The Internet is flooded with highly visible, dangerous HIPAA violations committed unknowingly by health care providers on their websites, their social media like Facebook, and in posting or responding to Patient Reviews about the quality - good or bad - of the health care provider service.

Paul R. Hales

How to do HIPAA Risk Analysis & Risk Management Step-by-Step

The HIPAA Rules require Covered Entities and Business Associates to do Risk Analysis and Risk Management (RA-RM) but do not explain how to do them. OCR consistently calls Risk Analysis the foundation of every HIPAA Compliance program.

Paul R. Hales

HIPAA Rules for Web Sites, Social Media, & Patient Reviews

The Internet is flooded with highly visible, dangerous HIPAA violations committed unknowingly by health care providers on their websites, their social media like Facebook, and in posting or responding to Patient Reviews about the quality - good or bad - of the health care provider service.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

Paul R. Hales

How to do HIPAA Risk Analysis & Risk Management Step-by-Step

The HIPAA Rules require Covered Entities and Business Associates to do Risk Analysis and Risk Management (RA-RM) but do not explain how to do them. OCR consistently calls Risk Analysis the foundation of every HIPAA Compliance program.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

Paul R. Hales

How to do HIPAA Risk Analysis & Risk Management Step-by-Step

The HIPAA Rules require Covered Entities and Business Associates to do Risk Analysis and Risk Management (RA-RM) but do not explain how to do them. OCR consistently calls Risk Analysis the foundation of every HIPAA Compliance program.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted. There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message - if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

Paul R. Hales

HIPAA Compliance for Remote Workers

Covid-19 suddenly made widespread maintenance, transmission and receipt of protected health information (PHI) by people working remotely from home a new reality - and exposed that PHI to significant HIPAA breach risks. Protocols to protect PHI during remote work had to be developed quickly on the fly with little time to train or properly equip workforce members. It’s not surprising that many remote work HIPAA protocols are incomplete and slapdash patchworks because covered entities faced unprecedented patient surges and focused on meeting vital patient care obligations. Business associates had to continue serving covered entities while quickly hit by unexpected stay-at-home orders and social distancing requirements in the office.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

NIST/OCR–HIPAA Risk Analysis & Risk Management Explained Step-by-Step

Risk Analysis and Risk Management (RA-RM) are OCR’s top enforcement priority and the basis of every HIPAA Compliance program. RA-RM steps are easy to follow - if you know the steps. But the HIPAA Rules do not lay out specific RA-RM steps. According to OCR the HIPAA RA-RM steps are easy to find. They simply are certain procedures explained by the National Institute of Standards and Technology (NIST) in manuals that are free to download.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted.

Paul R. Hales

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

HIPAA Rules for Social Media, Web Sites & Patient Reviews

The Internet is jam-packed with unwitting but highly visible HIPAA violations committed by Covered Entities on their social media pages like Facebook, their organization's web site, patient testimonials they post and their responses to patient reviews - whether the review is positive or negative.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

HIPAA Rules for Social Media, Web Sites & Patient Reviews

The Internet is jam-packed with unwitting but highly visible HIPAA violations committed by Covered Entities on their social media pages like Facebook, their organization's web site, patient testimonials they post and their responses to patient reviews - whether the review is positive or negative.

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

OCR Compliance Plus - Step-by-Step HIPAA Risk Analysis & Risk Management

Risk Analysis and Risk Management (RA-RM) are OCR's top enforcement priority and the basis for every HIPAA Compliance program.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

How to do a HIPAA Risk Analysis

This lesson is designed to enable your Organization to perform a complete Risk Analysis of all PHI it creates, receives, maintains or transmits in any format. You will understand and identify threats, vulnerabilities and risks to your organization's PHI wherever it is located.

Paul R. Hales

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

Avoid Business Associate Danger! - HIPAA BA Compliance Explained

Business Associate HIPAA violations are in the spotlight - and in the crosshairs of OCR regulators and class action lawyers. Covered Entities can be directly and equally liable for costs of violations by their Business Associates due the little known Federal Common Law of Agency incorporated in the HIPAA Enforcement Rule.

Paul R. Hales

MACRA-MIPS & Mandatory HIPAA Risk Analysis - Risk Management

The Medicare & Medicaid EHR Incentive Programs have changed since they began in 2011 and were widely known as Stage 1 Meaningful Use (MU).

Paul R. Hales

New COVID-19 Telehealth HIPAA & Medicare Compliance Updates

The COVID-19 emergency brought major changes to HIPAA and Medicare Rules for Telehealth/Telemedicine.

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

Patient Engagement - HIPAA Rules for Websites

This session will explain the HIPAA Rules for Web Sites and Social Media. The secret is - HIPAA Rules are easy to follow, step-by-step - when you know the steps. The HIPAA Rules, HHS/OCR guidance, Resolution Agreements provide a simple, easy to use blueprint using your Web Site and Social Media to engage patients and comply with HIPAA.

Paul R. Hales

How to do a HIPAA Risk Analysis

This lesson is designed to enable your Organization to perform a complete Risk Analysis of all PHI it creates, receives, maintains or transmits in any format. You will understand and identify threats, vulnerabilities and risks to your organization's PHI wherever it is located.

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales

HIPAA Risk Analysis & Risk Management - HHS/NIST Process Explained Step-by-Step

Risk Analysis and Risk Management (RA-RM) are OCR's top enforcement priority and the basis for every HIPAA Compliance program.

Paul R. Hales

Patient Engagement - HIPAA Rules for Websites

This session will explain the HIPAA Rules for Web Sites and Social Media. The secret is - HIPAA Rules are easy to follow, step-by-step - when you know the steps. The HIPAA Rules, HHS/OCR guidance, Resolution Agreements provide a simple, easy to use blueprint using your Web Site and Social Media to engage patients and comply with HIPAA.




Filters