2-day In-person Seminar

Master Class for the HIPAA Officer: Protecting Patient Information and Implementing Today's Privacy, Security, and Breach Regulations


March 8th & 9th, 2018

Time: 9:00 AM to 5:00 PM

Minneapolis - St Paul, Minnesota

Venue: Embassy Suites by Hilton Minneapolis Airport


Director : Jim Sheldon-Dean

**Please note the registration will be closed 2 days (48 Hours) prior to the date of the seminar.

  Price: $1,495.00
(Seminar Fee for One Delegate)

  Register for 5 attendees   Price: $4,485.00
      $7,475.00 You Save: $2,990.00 (40%)*

  Register for 10 attendees   Price: $8,222.00
      $14,950.00 You Save: $6,728.00 (45%)*

Day one begins with an overview of the HIPAA regulations including HIPAA Breach Notification and the process that must be used to determine whether or not a breach is reportable, and then continues with presentation of the specifics of the Privacy Rule, recent changes to the rules, and the basics of the Security Rule. Organizational issues and structures, such as hybrid entities, affiliated covered entities (ACEs), organized healthcare arrangements (OHCAs), and HIPAA Business Associates (BAs) are explained.

Rules about Patient Rights and the limitations on uses and disclosures by covered entities will be explained, including recent guidance on access of PHI by individuals and sharing information with family and friends of a patient, particularly in cases of opioid abuse. Discussion will include the impacts of Security issues such as Ransomware and Insider attacks, of the potential repeal of the Affordable Care Act, and other potential changes in the rules, guidance, and implementation.

Day two begins with a detailed examination of HIPAA Security Rule requirements and what must be done to survive audits by the US Department of Health and Human Services, including an examination of how risk analysis can be used to drive compliance by the systematic examination of information flows and mitigation of risks discovered, and an exploration of the official HHS HIPAA Audit Protocol, including how to use the protocol to help manage your compliance work and its documentation.

The day continues with an exploration of typical risks, including Ransomware, modern technologies like texting, e-mail, and portable devices, and issues of planning risk mitigation and the necessary follow-up. Finally, the day concludes with a session on the essential activities of documenting policies, procedures, and activities, training staff and managers in the issues and policies they need to know about, and examining compliance readiness through drills and self-audits, finishing up with a look at long-term compliance planning and making sure you stay ahead of compliance needs.


Why you should attend:

The HIPAA Officer in any HIPAA covered entity has a great deal of responsibility, and the right answers to compliance questions are not always obvious. The HIPAA Regulations carry significant obligations to protect the privacy and security of Protected Health Information, and significant penalties in the millions of dollars can result from non-compliance.

Even if you have worked on your HIPAA compliance in the past, you could be out of compliance today because of the changes to the rules, new guidance, changes in how you do business and manage PHI, changes to the threats to privacy and security, and even changes in other laws and policies not directly related to HIPAA.

All of these changes have an impact on your HIPAA compliance, and if you don�t keep up, you are leaving yourself open to complaints and enforcement investigations. The HIPAA Officer needs to be up-to-date on the latest issues and be ready to review all the aspects of HIPAA compliance now, to be sure you are working in the right direction and are addressing the issues of greatest importance.

Areas of the rules that have shown compliance problems in the past are now targeted with guidance and audits to improve and verify compliance. There is new guidance on dealing with issues of opioid incidents. And new threats from insiders and Ransomware could expose or destroy your private information and harm your patients. There is plenty that can go wrong with HIPAA compliance, but with the right training and resources you have a chance to make your patients happy and stay out of trouble.


Who will benefit:

  • HIPAA Privacy Officers
  • HIPAA Security Officers
  • Information Security Officers
  • Risk Managers
  • Compliance Officers
  • Privacy Officers
  • Health Information Managers
  • Information Technology Managers
  • Medical Office Managers
  • Chief Financial Officers
  • Systems Managers
  • Legal Counsel
  • Operations Directors

Day 1 Schedule


Lecture 1:

Overview of HIPAA Regulations

  • The Origins and Purposes of HIPAA
  • Privacy Rule History and Objectives; Organizational Structures
  • Security Rule History and Objectives; Current Hot Topics in Security
  • Breach Notification Overview and Analysis of Duty to Report

Lecture 2:

HIPAA Privacy Rule Principles, Policies, Procedures and Issues

  • Patient Rights under HIPAA, including Rights of Access
  • Limitations on Uses and Disclosures
  • Sharing Information with Family and Friends
  • Required Policies and Procedures, Training and Documentation

Lecture 3:

Special Topics of Current Interest in HIPAA Compliance

  • The HIPAA Audit Program Results and Expectations
  • The ACA and Patient Rights to Restrict Disclosures to Health Plans
  • Expected New Accounting of Disclosures Rules
  • Marketing to Patients Using New Technologies

Lecture 4:

HIPAA Security Rule Principles

  • General Rules and Flexibility Provisions
  • The Role of Risk Analysis
  • Learning from Breaches and Enforcement Actions
  • Security Safeguards, Training and Documentation

Day 2 Schedule


Lecture 1:

HIPAA Security Policies and Procedures and Audits

  • HIPAA Security Policy Framework and Sample Security Policy Content
  • New Policies and New Guidance from NIST
  • Preventing Ransomware Issues
  • Discovering Improper Insider Activity

Lecture 2:

Risk Analysis for Security and Meaningful Use

  • Principles of Risk Analysis for Information Security
  • Information Security Management Process
  • Risk Analysis Methods
  • Risk Analysis Example

Lecture 3:

Risk Mitigation and Compliance Remediation

  • Typical Security Risks
  • Social Media, Texting, e-mail, and Privacy
  • Dealing with Portable Devices and Remote Access
  • Compliance Planning

Lecture 4:

Documentation, Training, Drills, Self-Audits, and Long Term Compliance Planning

  • How to Organize and Use Documentation to Your Advantage
  • Training Methods and Compliance Improvement
  • Conducting Drills in Incident and Audit Response
  • Using the HIPAA Audit Protocol for Documentation and Self-Auditing
  • Planning your Compliance Work into the Future


Want to register by P.O/Check?
We facilitate registration by P.O/Checks!
Complete your registration in just a few easy steps
Please just download, fill out the registration form and send it to us either by email to support@globalcompliancepanel.com or just fax us at 302 288 6884.
Once the form is received, an invoice will be generated and sent back to your fax number.
Following this just send us your purchase order by fax at 302 288 6884
Click here to download Registration form
In case you wish to register by using check
In case you wish to register by using check, please make a check to NetZealous LLC DBA GlobalCompliancePanel.com and mail it to the below address.
NetZealous LLC,
DBA GlobalCompliancePanel,
161 Mission Falls Lane,
Suite 216, Fremont, CA 94539, USA
Phone: 1800 447 9407

Want to register by Wire Transfer?
Please call any of our representatives on 1800 447 9407 to help you completed the transfer.
Group participations
Get fabulous discounts by participating in groups of two or more.
No Attendees Discount
1 2 Attendees 10% off
2 3 to 6 Attendees 20% off
3 7 to 10 Attendees 25% off
4 10+ Attendees 30% off

To avail the above group discounts, all the participants should register by making a single payment

Call our representative TODAY on 1800 447 9407 to have your seats confirmed!

Jim Sheldon-Dean

Director of Compliance Services, Lewis Creek Systems, LLC

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more than 18 years of experience specializing in HIPAA compliance, more than 36 years of experience in policy analysis and implementation, business process analysis, information systems and software development, and eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master's degree from the Massachusetts Institute of Technology.



Location: Minneapolis - St Paul, Minnesota Hotel: Embassy Suites by Hilton Minneapolis Airport   7901 34th Ave South, Bloomington, MN 55425

Copyright © 2017 GlobalCompliancePanel. All rights reserved. Netzealous