The Safe Harbor Law: A Practical Approach
Raymond Ribble, our expert presenter for this webinar, is the CEO and Founder of SPHER, Inc., a market-leading compliance analytics and cyber-security solution addressing HIPAA compliance, state privacy laws, and ePHI security threats. HIPAA data breach penalties are typically measured in millions of dollars, even after an organization has implemented NIST cybersecurity framework measures. With the new HIPAA Safe Harbor Law, HHS and OCR may consider increased penalty mitigation when an organization can demonstrate it has been following established good security practices. Our presentation will examine what the established security practices for healthcare are, and how to pivot your organization's security profile in order to mitigate breach penalties in the event of a breach.
Appreciating the Content of a Business Associate Agreement
Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, will be presenting with us. Business Associate Agreements (BAAs) are not new; however, some individuals are new to healthcare, and others never understood exactly what a BAA is. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, sets parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. Some of the items in a BAA are required, while others are optional but common. This presentation not only seeks to dispel myths about why certain language is prevalent in nearly all BAAs, but also provides insight into other provisions, and items for consideration, in light of the 21st Century Cures Act.