New Guidance on De-Identifying Protected Health Information under HIPAA

Monday, August 13 | 10:00 am - 11:30 am

Training Options Duration: 90 Minutes Monday, August 13, 2018 | 10:00 AM PDT | 01:00 PM EDT

Overview: This webinar will be addressing the ins and outs of identifying what is and

what is not PHI, proper ways to disclose this information, common sense security methods, what

we can and can’t do under HIPAA relating to disclosures, and how to properly investigate a

breach (or a suspected breach). We will also be addressing how practice/business managers (or

compliance offers) need to get their HIPAA house in order before the imminent audits occur.

It will also address major changes under the Omnibus Rule and any other applicable updates

relating to protected health information Additional areas covered will be texting, email,

encryption, medical messaging, voice data and risk factors as they relate to IT. The primary

goal is to ensure everyone is well educated on what is myth and what is reality with this law,

there is so much misleading information all over regarding the do’s and don’ts with HIPAA -I

want to add clarity for compliance officers.

I will uncover myths versus reality as it relates to this very enigmatic law based on over 1000

risk assessments performed as well as years of experience in dealing directly with the Office

of Civil Rights HIPAA auditors. I will also speak to real life litigated cases I have worked

where HIPAA is being used to justify state cases of negligence -THIS IS BECOMING A HUGE RISK!

In addition, this course will cover the highest risk factors for being sued as well as being

audited (these two items tend to go hand in hand).

Why should you Attend: Are you clear on what constitutes identifiable health information vs

none identifiable health information? It can be very confusing and frustrating to say the

least. Since the HIPAA Omnibus Final ruling, the Federal government has expanded the definition

of what constituted PHI.

Is your staff trained to understand the new risks and definitions? Do you have written policy in place relating to this? Do you have an affective HIPAA compliance program? New laws and funding mean increased risk for both business associates and covered entities! HIPAA Omnibus -Do you know what’s involved and what you need to do? What does Omnibus mean for covered entities and business associates? Why should you be concerned? Court cases that are changing the landscape of HIPAA and patient’s ability to sue!


It is important to understand the new changes going on at Health and Human Services as it

relates to enforcement of HIPAA for both covered entities and business associates as it relates

to what we need to do as compliance officers.You need to know how to avoid being low hanging

fruit in terms of audit risk as well as being sued by individuals who have had their PHI

wrongfully discloses due to bad IT or internal administrative practices.

Areas Covered in the Session: What is PHI What Constitutes Identifiable PHI What is “de-indentified” PHI How to Investigate a Possible breach and Conclude whether the incident Constituted a Breach or

not How to properly Notify if a Breach Occurs Requirements of Compliance Officers Real life Litigated Cases BYOD Portable Devices Business Associates and the Increased Burden Emailing of PHI Texting of PHI Federal Audit Process HIPAA and Suing -how this Works Risk Assessment Best Resources

Who Will Benefit: Practice Managers Any Business Associates who work with Medical Practices or Hospitals (i.e. Billing Companies,

Transcription Companies, IT Companies, Answering Services, Home Health, Coders, Attorneys, etc) MD’s and other Medical Professionals

Speaker Profile Brian L Tuttle, CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP is a Certified Professional in Health IT

(CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified

Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP)

with over 18 years’ experience in Health IT and Compliance Consulting. With vast experience in

health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical

messaging, etc.) as well as over 18 years’ experience in standard Health IT with multiple

certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted

onsite and remote risk assessments for over 1000 medical practices, hospitals, health

departments, insurance plans, and business associates throughout the United States.

In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert

witness offering input related to best practices and requirements for securing and providing

patient access to protected health information. Mr. Tuttle has also worked directly with the

Office of Civil Rights (OCR) both in defending covered entities and business associates as well

as being asked by the Federal government to audit covered entities and business associates on

behalf of the OCR. Almost all of Brian’s clients are earned by referral with little or no


Brian is well known and highly regarded in medical circles throughout the United States for his

quality work and down home southern charm Mr Tuttle has a Master’s Degree in Health Sciences

from Georgia State University and works nationally out of Kennesaw, GA

Price – $139

Contact Info: Netzealous LLC – MentorHealth Phone No: 1-800-385-1607 Fax: 302-288-6884 Email: Website: Webinar Sponsorship: Follow us on : Follow us on : Follow us on :

Event Location

Event Location
  • Online Event
  • Online
  • Fremont
Visit Event WebsiteGet Directions!