Subscribe to Events Feeds

218 Results Found

Marketing Made Lean
9/4/2014 1:00 PM - 9/25/2014 5:00 PM
FVTC Oshkosh Riverside Campus Oshkosh United States
Event Listing
Summary:

The FVTC Venture Center Team has developed a 4-part, 16 hour workshop series, Marketing Made Lean for micro and small businesses. Marketing Made Lean will enable you to gain and retain customers while increasing sales and profit.

Marketing Made Lean
8/4/2014 1:00 PM - 8/25/2014 5:00 PM
FVTC Oshkosh Riverside Campus Oshkosh United States
Event Listing
Summary:

The FVTC Venture Center Team has developed a 4-part, 16 hour workshop series, Marketing Made Lean, for micro and small businesses. Marketing Made Lean will enable you to gain and retain customers while increasing sales and profit.

Marketing Made Lean
9/3/2014 1:00 PM - 9/24/2014 5:00 PM
FVTC Waupaca Regional Center Waupaca United States
Event Listing
Summary:

The FVTC Venture Center Team has developed a 4-part, 16 hour workshop series, Marketing Made Lean for micro and small businesses.Marketing Made Lean will enable you to gain and retain customers while increasing sales and profit.

Eseed Entrepreneurship Training
9/10/2014 6:00 AM - 12/8/2014 9:00 AM
FVTC Waupaca Regional Center Waupaca United States
Event Listing
Summary:

E-seed™ provides practical tools to prepare a business plan that can be applied immediately to your start-up or existing business. Gain awareness and expand your entrepreneurial and small business skills with these hands-on and interactive series.

Get Ready For the New HIPAA Audit Program Webinar By MentorHealth
8/13/2014 10:00 AM - 11:30 AM
online event Fremont, California United States
Event Listing
Summary:

Overview: In this session we will discuss the HIPAA audit program and how it works, and discuss the areas that caused the most issues in the 2012 audits. We will explore what kind of issues and what kind of entities had the most problems, and show where entities need to improve their compliance the most.

We will also explore the typical risk issues that lead to breaches of health information and see how those issues may be a target for auditors in 2014

We will review the contents of the HIPAA Audit Protocol used in 2012 to show what documentation needs to be on hand should your organization be selected for an audit in 2014

The HIPAA Audit Protocol is not easy to use in its incarnation as a Web-based tool, and it does have several deficiencies because of the changes in the rules that became enforceable September 23, 2013. We will present methods for using the contents of the HIPAA Audit Protocol to build your own compliance plan by extracting and updating the contents and relating your compliance activities directly to the questions that might be asked

In this session we will discuss the HIPAA audit and enforcement regulations and processes, and how they apply to HIPAA covered entities and business associates. We will explain the enforcement regulations and the recent changes that increase fines and create new penalty levels, including new penalties for willful neglect of compliance that begin at $10,000

We will discuss what information and documentation must be prepared in advance so that you can be ready for an audit at any time, including sample information request forms and questions asked at prior audits

The session will also cover how to know if you may become the subject of an audit or enforcement action, and what you can do to help limit your exposure. We will discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement activity

The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to them) and how they will be audited will be explained. Documentation requirements for compliance will be explored and a framework of security policies necessary for compliance will be presented

The HIPAA Audit Protocol questions will be explored and ways of using the content to develop a compliance plan will be discussed. The process of exporting the questions will be shown, and a sample spreadsheet showing the results will be presented

The results of prior HHS audits (and their penalties) will be discussed, including recent actions involving multi-million dollar fines and settlements. A plan for attaining compliance will be presented. The steps to follow to prepare for an audit and respond to an audit request will be outlined

Why should you attend:

While in the past, audits had been performed only at entities that reported a breach or had a compliant filed against them, the new rule calls for audits whether or not there is a complaint or breach. This means that the HHS Office for Civil Rights (OCR) can show up and ask to perform an audit on short notice, and your organization will need to provide a response in less than ten business days. Knowing what questions are likely to be asked and have been asked at prior HIPAA compliance audits can make preparing for and surviving a HIPAA audit much easier.

USDHHS has published the protocol used for the 2012 HIPAA audits by the HHS contractors, so it is possible to know much better now how to prepare for an audit. Nearly any health care covered entity may be subject to an audit; all entities need to know what kinds of questions they'll be asked, what information they'll need to provide and how to prevent issues that could lead to violations and fines.

Areas of weakness as shown in the 2012 audits and as shown by breach reports are likely targets for the next round of audit questions, and HHS is sending out requests for information to 1200 covered entities and business associates to determine their suitability to be audited.

If your organization is not ready, the HIPAA rules have new, significantly higher fines, including mandatory minimum fines of $10,000 for willful neglect of compliance. In addition, HIPAA enforcement has taken on a new importance at HHS; officials have publicly stated that enforcement is now a priority, and that means being ready for an audit is more important than ever. The "slap-on-the-wrist" days are over and fines and settlements are being levied, with more on the way -- don't let your organization be hit for an audit unprepared.

Areas Covered in the Session:

Find out what the audit process is, what HHS OCR is likely to ask you if you are selected for an audit, and what you'll have to have prepared already when they do

Learn how to make the HIPAA Audit Protocol useful to you as a way to organize and track your compliance work, and collect your documentation references

Find out what you'll need to have documented to survive an audit and avoid fines

Learn how to use an information security management process to evaluate risks and make decisions about how best to protect PHI and meet patient needs and desires

Find out what policies and procedures you should have in place

Learn about the training and education that must take place and be documented to ensure your staff uses health information properly and does not risk exposure of PHI

Find out the steps that must be followed in the event of a breach of PHI

Learn about how the HIPAA audit and enforcement activities are now being increased and how you must be prepared or risk significant penalties

Who Will Benefit:

Compliance Director

CEO

CFO

Privacy Officer

Security Officer

Information Systems Manager

HIPAA Officer

Chief Information Officer

Health Information Manager

Healthcare Counsel/lawyer

Office Manager

Background :

The random HIPAA Compliance Audit program had a year of trial audits in 2012. The US Department of Health and Human Services has reviewed the results of that work and the HIPAA audit program is being restarted in 2014 based on what was learned from the 2012 audits.

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

How to do a Risk Analysis Webinar By MentorHealth
8/14/2014 10:00 AM - 11:30 AM
online event Fremont, California United States
Event Listing
Summary:

Overview: If you cannot remember the last time your organization performed a HIPAA & HITECH Act Risk Analysis, or if you are unsure if your organization has ever performed a Risk Analysis, then this is the webinar for you. Jonathan P. Tomes will cover how to conduct a risk analysis and how to update it as necessary. Failure to conduct a written risk analysis qualifies as "willful neglect," which carries the highest civil money penalty ("CMP") and which penalty cannot be waived by DHHS as can violations due to a reasonable cause.

Because a risk analysis is a required implementation specification under the Security Rule, failure to do one is willful neglect. And the civil money penalties are not the only sanctions for not doing a risk analysis. The remediation costs for a breach that might have been prevented had a risk analysis been done can be much more than the CMP. Blue Cross Blue Shield of Tennessee not only had to pay the $1.5 million settlement, but also it incurred $17 million in remediation costs-costs that might have been avoided had it done an updated risk analysis.

Why should you attend: The majority of the DHHS civil money penalties and settlements in lieu thereof involve, sometimes with other violations, failure to perform a written risk analysis. These penalties usually are in the seven figure range. Blue Cross Blue Shield of Tennessee, for example, settled for $1.5 million for failing to update its risk analysis when its physical security situation changed. Other seven-figure settlements involved failure to do the required initial risk analysis.

Areas Covered in the Session:

What is risk analysis?

Why do you need to do one?

How to do one

Assemble a good team

Identify assets

Identify risks

Quantify risks

Select reasonable, appropriate, and cost effective security measures

Test and revise security measures

Particular areas to focus on (portable devices, social media, email, and the like)

Case study (will walk webinar attendees through the process)

Questions and answers

Who Will Benefit:

HIPAA compliance Officers

HIPAA Security Officers

HIPAA Privacy Officers

Human Resources Directors

Business Office Managers

Medical Records Personnel

Health Care Attorneys

Patient Accounts Managers

Business Associates

Background :

HIPAA requires a risk analysis of threats to protected health information (“PHI”). Even if risk analysis were not required, one cannot possibly implement reasonable and appropriate security measures to protect PHI without first having completed a risk analysis. If one implements a security measure without conducting a risk analysis, it is just guessing.

And most covered entities and business associates have not completed this most important compliance requirement. The Department of Health and Human Services (“DHHS”) recent audits of covered entities revealed that 47 out of 61 had not conducted a satisfactory risk analysis. This lack of risk analyses is likely because of neglect or failure to understand the need therefore and how to do one.

Jonathan P. Tomes , J.D., is a health care attorney and partner in the law firm of TOMES & DVORAK, CHARTERED. He has written more than 50 books, including The Compliance Guide to HIPAA and the DHHS Regulations, and dozens of articles in the area of HIPAA compliance.

Ways to Limit Your HIPAA Vulnerability and Liability Webinar By MentorHealth
8/28/2014 10:00 AM - 11:30 AM
online event Fremont, California United States
Event Listing
Summary:

Overview: Although there are many presentations, courses and services now available to help health care organizations to become HIPAA compliant, the real issue for the health care organization is to determine the most cost effective ways to understand their risks and to minimize the vulnerability to a breach and their liability when a breach does occur. This presentation focuses on understanding the responsibilities of the health care organization, the liabilities resulting from those responsibilities and the penalties that can be assessed as a result of a breach of patient protected health information.

The presentation addresses several issues relevant to both the vulnerability and the liability issues. First, the presentation describes how the health care organization can assess its HIPAA breach risk. The presentation discusses what a risk assessment is, why it is important and how to perform the risk assessment.

Based on the results of the risk assessment, the presentation takes the participants through how to mitigate these risks. This includes:

Issues that need to be addressed with the health care organization's software and hardware vendor(s)

The risks of a breach resulting from organizational members using social media, both inside the organization and at home; and,

The risks of a breach resulting from organizational members using mobile devices to access and store patient protected health information

The presentation also provides information regarding how the health care organization can use insurance to share the risk and how to keep insurance premiums to a minimum. At the conclusion of the presentation, the participant will have a checklist of items that can be used to understand and ways to limit the health care organizations HIPAA liabilities.

Why should you attend: There are so many ways a breach can occur - whether by accident, carelessness or or by intended actions. As a result, it is a common axiom that it is not if a health care organization will experience a breach, but when the health care organization will experience a breach.

The penalties for a HIPAA breach of a patient's protected health information can be severe. This includes monetary penalties as well as having to publicize your breach. We have all seen the newspaper articles and TV reports of large unauthorized disclosures of patient health information. If a disclosure includes the health information for 500 or more names, the health care organization must notify the Secretary of the Department of Health and Human Services (and this goes on the Office of Civil Rights web site for all to see) and notify local media (TV, Radio and newspapers).

Based on the Omnibus Rule, all business associates and agents of business associates have the same risk as the health care covered entities. Therefore, it is equally important for all business associates and agents of business associates to be cognizant of their vulnerabilities and liabilities.

This topic can be invaluable for an health care organization trying to understand their HIPAA vulnerability of a breach occurring and their liability when a breach does occur and looking for ways to minimize that vulnerability and liability. In discussing this topic, the presentation addresses opportunities for the health care organization to perform their risk assessments, as directed by the HIPAA regulations, how to mitigate the risks found in the assessment and some of the potential "safe harbors" that can reduce their risk.

The topic also spends considerable time reviewing the risks inherent in the traditional health care environment and provides references for the participant to address newer HIPAA breach risks resulting from the modern use of social media and the use of mobile devices.

Areas Covered in the Session:

Discuss what is a risk assessment and why it is important

Discuss how to assess the health care organization's risk and the vulnerability of a breach occurring

What is health care organization's liability when a breach occurs - including monetary penalties

The impact of the use of social media on the health care organization's HIPAA breach risk

The impact of the use of mobile devices on the health car organization's HIPAA breach risk

HIPAA's description of how to reduce the risk of a breach of electronic health information

The opportunities for acquiring HIPAA breach insurance

Who Will Benefit:

Chief Executive Officer

Chief Operating Officer

Managing Partner

Chief Financial Officer

Office Manager

Chief Risk Manager

IT Manager

Health Care Software Vendors wanting to ensure successful implementation

Jim Wener has over 40 years of experience in assisting health care organizations – both providers and payers- in identifying their automation requirements and helping these organizations select and successfully implement the automation most applicable for their needs. His systems and processes background and his experience in working with health care data has given Mr. Wener a unique perspective regarding the issues related to implementing new health care models and how they affect all of the stakeholders in the health care system.

Workplace Violence Plans Policies and Procedures Webinar By MentorHealth
8/19/2014 10:00 AM - 11:16 AM
online event Fremont, California United States
Event Listing
Summary:

Overview: The scope and impact of workplace violence in healthcare setting. How common is it? What is the financial cost? How does it impair the ability of a healthcare organization to provide quality care and attract as well as retain employees.

The four types of workplace violence and their associated risk factors.

Workplace violence prevention program elements including- Management Commitment and Employee Involvement: Without active participation from "C" level on down the effectiveness of workplace violence policies will be greatly reduced.

Worksite Analysis: Surveying the physical plant to identify hazards and deficiencies and recommend action to reduce the opportunity for and the likelihood of violence is often the best first step. A process for maintaining, reviewing and analyzing records of workplace violence incidents to determine how future occurrences could be prevented should be implemented.

Training and Education: Employees need to be trained on how to respond if confronted by violence or potential violence. The organization's policies, and the safety of patients, visitors and them employee must be covered. This should include the concept of "Universal Precautions for Violence", i.e., that violence should be expected, but can be avoided or mitigated through preparation. Employees should receive regular training on:

Early recognition of escalating behavior or warning signs

Ways to prevent volatile situations and de-escalate individuals

Protecting oneself and others in violent situations

Why should you attend: Workplace violence continues to emerge as an important issue in healthcare facilities. Violence against healthcare practitioners, including nurses, physicians, social workers, emergency responders, and others can foster medical errors, reduce patient satisfaction, contribute to preventable adverse outcomes, increase the cost of care, and cause qualified clinicians, administrators and managers to seek new positions in less hazardous work environments.

OSHA, state regulators, The Joint Commission of Health Care Accreditation, DNV and HFAP and various industry groups have begun to push for "universal precautions for violence". That is, that violence should be expected but can be avoided or mitigated through personal safety training. Frequent training also can reduce the likelihood of being assaulted.

Hospitals and healthcare facilities should, and generally do, employ a variety of safeguards and work diligently to maintain a safe place for employees, patients and visitors. Yet despite these effort workplace violence can never be completely prevented and healthcare campuses are vulnerable.

Incidents involving gunfire (So called "Active Shooter" events.) are the most spectacular and therefore draw most media attention. However, as this type of event is extremely rare in almost all communities, healthcare organization generally and management in particular may become complacent and adopt the belief that "Since it hasn't happened here, it can't happen here". This represents flawed logic, which is known as. "The Rule of Self-Exclusion." In many cases this rule remains enforce until or unless a fortunate close call or an unfortunate tragedy demonstrates the need for plans, policies and procedure to be implemented to prevent workplace violence and mitigate harm it when it occurs.

Taking proactive steps to address workplace violence directly benefits employers by providing:

Reduced exposure to liability and enforcement action in the event of an incidentRelated lawsuits result in average settlements of $600,000 and average jury awards of $3 Million

Comply with government and industry standards

Maintaining job satisfaction and reducing employee turnover

Establishing a hospital as an employer of choice

Providing some protection from increased Worker's Comp and other insurance premiums

Preventing adverse impact on the quality of patient care

Areas Covered in the Session:

Scope and Impact of Workplace Violence in the Healthcare Setting

The Four Types of Workplace Violence and Their Associated Risk Factors

Elements of an Effective Workplace Violence Program

Worksite Hazard Analysis

Universal Precautions for Violence

Who Will Benefit:

Risk Management

Security Directors, Managers & Officers

Education Professionals

Compliance Professionals

Safety Managers, Directors and Officers

Members of the Safety Team

Background :

Healthcare accounts for 18% of the workforce, but nearly half of all workplace violence happens to people in healthcare occupations.

Joe Rosner is the Director of Best Defense USA and nationally recognized expert on workplace violence and personal safety for health care and other occupations. He is the author of Street Smarts & Self Defense for Childrenas well books and articles on workplace violence prevention and personal safety for healthcare.

A Design Control Primer
8/13/2014 10:00 AM - 11:00 AM
Online Event Fremont, California United States
Event Listing
Summary:

This webinar will cover the basics of design controls, and provide recommendations for implementation of a compliant design control system. Also discussed will be deisgn control requirements for devices already in distribution. Documentation requirements for each design stage will be included as well.

Customer Interactions Law Policies Ethics
8/6/2014 10:00 AM - 11:00 AM
Online Event Fremont, California United States
Event Listing
Summary:

The proliferation of legal requirements (law and regulation) governing the financial relationships between medical product companies and the doctors who order their products has led to what can only be described as a tangled mess. Many device companies have had to add personnel, or employ expensive consultants in order to have a hope of complying.

Events Map