1st Talk Compliance features guest Lauren Moak Russell, Counsel at Young Conaway Stargatt & Taylor, LLP in Wilmington, Delaware, on the topic of “A Harassment-Free Workplace vs the Right to Engage in Concerted Activity.” Lauren joins our host Catherine Short to discuss how the National Labor Relations Board under the Biden Administration has expressed a renewed interest in expanding its influence into non-unionized work forces. This includes reviewing and–in the right circumstances challenging–employers’ use of workplace civility, confidentiality, and anti-harassment policies. Listen as we discuss what you need to know to safely navigate the National Labor Relations Act while ensuring that your employees enjoy a safe and respectful work environment.
The Safe Harbor Law: A Practical Approach – Audio Version of the Webinar
Raymond Ribble is the CEO and Founder at SPHER, Inc. HIPAA data breach penalties typically get measured in millions of dollars even following an organization implementing NIST cybersecurity framework measures. It is important to understand that the Safe Harbor Law, while offering substantial protection, does not provide a true safe harbor. Our presentation will examine what are the established security practices for healthcare, and how to pivot your organization’s security profile in order to mitigate breach penalties in the event of an event.
The Risk of Data Sharing
1st Talk Compliance features guest Iliana L. Peters, Shareholder at Polsinelli PC, on the topic of The Risk of Data Sharing. Iliana joins our host Catherine Short to discuss how these days, health data is an incredibly valuable commodity. Companies of all types should consider the legal risk with data valuation, data ownership, and data sharing agreements. In this episode, we will be discussing the scope and breadth of data sharing projects in development in the health care sector, examine contractual, state, federal, and international legal obligations for data privacy and security for such projects, and discuss issues related to data ownership that may also be part of such projects.
DMEPOS – In Compliance with CMS
1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., on the topic “DMEPOS – In Compliance with CMS.” Rachel joins our host Catherine Short to discuss special payment rules associated with durable medical equipment, prosthetics, orthotics and supplies. DMEPOS products must meet quality standards, suppliers need to be accepted by Medicare to participate, similar to providers, and are subject to fraud, waste, and abuse laws. This episode will provide an overview of participation and quality requirements, relay the latest compliance and requirements updates, and discuss the consequences of non-compliance, as well as submitting false and fraudulent claims.
The Criminal Side of Cybersecurity and HIPAA – Audio Version of the Webinar
Expert presenter, Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX guides us during this important and informative webinar. Breaches and the lack of the requisite technical, administrative, and physical safeguards can have criminal consequences. While most people are familiar with civil cases, there is the potential for HIPAA violations and ransomware attacks to be prosecuted criminally. The purpose of this webinar is to highlight potential areas of criminal liability, give specific examples, and address mitigation techniques – both before and after a government discovery request or grand jury subpoena emerges.
Employee Snooping & Insider Threats
1st Talk Compliance features guest Raymond Ribble, CEO and Founder at SPHER, Inc., on the topic of “Employee Snooping & Insider Threats.” Ray joins our host Catherine Short to discuss snooping and insider threats and why user monitoring and ePHI access strategies are vital to the security of sensitive patient information and data protection. With so much attention and money surrounding cybersecurity in the healthcare industry, malicious employees may decide to purposefully disclose patient information. Since employees and contractors may have knowledge of your network setup, vulnerabilities, and access codes, snooping employees with malicious intent hold the key to exposing your organization to a series of unwanted risks and threats. Listen as we identify signs of unauthorized access, provide guidelines to prevent snooping, and offer procedures to detect insider threats.
Health Data, A Value Proposition: Legal Risks with Innovative Data Sharing Projects – Audio Version of the Webinar
Iliana L. Peters, Shareholder at Polsinelli PC will be leading this engaging audio version of her webinar presentation. These days, data is more valuable than oil. And health data is the most valuable of all data! Companies of all types should consider the legal risk with data valuation, data ownership, and data sharing agreements. Data sharing projects take many forms and address many important issues, including improvements in patient safety, fraud and abuse, population health, research, and costs to the health care system. That said, the contractual, state, federal, and international regulatory requirements applicable to such data sharing projects are significant. As such, health care entities may be particularly vulnerable to legal risk related to data sharing projects involving health data. Specifically, health care entities should consider contractual obligation, HIPAA, state privacy laws, and other requirements, as well as discuss risk assessment, data sharing agreements, key provisions, and business associate relationships. The presentation offers best practices for these important issues and projects.
A Business Associate Agreement? Tell Me More!
1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “A Business Associate Agreement? Tell Me More!” Rachel joins our host Catherine Short to discuss how Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. This presentation not only seeks to dispel myths about why certain language is prevalent in nearly all BAAs, but also provides insight into other provisions, and items for consideration, in light of the 21st Century Cures Act.
Have a Breach? Reporting Requirements with the OCR
1st Talk Compliance features guest Trey Scott, Coordinating Attorney at Kennedy, Attorneys & Counselors at Law, on the topic of “Have a Breach? Reporting Requirements with the OCR.”Trey joins our host, Catherine Short to discuss the reporting requirements for a data breach of a healthcare provider, the definition of a breach, different timelines for reporting breaches, as well as how to complete a breach reporting form from the Office of Civil Rights.
The Dobbs Opinion, the Repealing of Roe, & the Impact on the Privacy & Security of Patient Information – Audio Version of the Webinar
Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX presents this very timely subject for us.The Dobbs Opinion repealed fifty years of precedent under Roe. The implications of the Opinion extend beyond women’s reproductive rights and impact the privacy rights of all Americans. The purpose of this webinar is to explain the key aspects of the Dobbs Opinion related to privacy from both the Majority and the Dissent’s perspective, address the current legislative initiatives, HHS Guidance, and Executive Orders, as well as appreciate the role HIPAA plays in navigating Dobbs.