Upcoming NJHIMSS Events
How the Final Rules on Information Blocking Will Affect Your Organization
Event Date: June 12, 2020
Event Time: 12 Noon EDT
Registration Link: https://attendee.gotowebinar.com/register/3699563464767947536
On May 1, 2020, the Office of National Coordinator (ONC) and Centers for Medicare & Medicaid Services (CMS) simultaneously published their final rules implementing the 21st Century Cures Act. On April 24, 2020, the Office of Inspector General (OIG) released its Proposed Rule on Civil Monetary Penalties (CMPs) to be imposed against actors who engage in prohibited “Information Blocking.” These new rules and standards will turn on their heads certain policies and procedures that covered entities and business associates may have adopted in accordance with HIPAA and permitted business practices, and now all need to be updated to ensure that they do not violate these new 21st Century CURES’ Act rules. There is a lot on everyone’s minds these days, but deadlines loom around the corner and implementation cannot be completed hastily. Join us for this Webinar to get a lean and focused overview of what you need to do to comply.
The Webinar will cover the following:
Brief review of 21st Century CURES Act and its prohibition against Information Blocking, as well as Patient Access requirements
ONC’s Information Blocking Final Rule:
- ONC’s Health IT Certification Program, including:
- Electronic health information export certification criteria
- HL7® FHIR® Release 4 Standards for API Certification
- Communications Condition and Maintenance of Certification
- Information Blocking, including:
- Who are “Actors” subject to the Rule’s Info Blocking provisions?
- What constitutes “interference with” Access, Exchange, or Use of electronic health information (EHI)
- Detailed review of the Eight (8) Exceptions that will not be considered information blocking IF the criteria of such exceptions are strictly met. The 8 Exceptions to Information Blocking include: (1) Preventing Harm; (2) Privacy; (3) Security; (4) Infeasibility; (5) Health IT Performance; (6) Content & Manner; (7) Fees; (8) Licensing
- Compliance timelines/deadlines, including ONC’s announcement to delay enforcement
CMS’s Interoperability and Patient Access Final Rule, including:
- Overview of requirements that give patients better access to their health information and mandates greater interoperability through:
- Patient Access API;
- Provider Directory API;
- Payer-to-Payer Data Exchange;
- Increasing Frequency of Federal-State Data Exchanges;
- Public Reporting of Information Blocking practices;
- Digital Contact Information; and
- Admission, Discharge, and Transfer (ADT) Event Notifications
- Compliance timelines/deadlines, including CMS’ announcement to delay enforcement
OIG’s Proposed Rule for Civil Monetary Penalties
How the ONC & CMS Final Rules will affect Organizations’ HIPAA Policies governing Uses & Disclosures of Protected Health Information, and Patient Access to electronic health information.
Helen has recently been selected to the 2020 “Super Lawyers® list for Health Care Law in New Jersey. The Super Lawyers list is issued by Thomson Reuters. Her firm was also included on the 2018, 2019 and 2020 “Best Law Firms” in Health Care Law, Princeton New Jersey list issued by Best Lawyers. Her firm is a Founding Member of the national Women Owned Law (WOL) group, and Helen serves as a Board Member.
Helen is a corporate and regulatory attorney whose practice for over the last 20 years has focused almost exclusively on advising and representing clients in the healthcare industry. She is the founding member of Attorneys at Oscislawski LLC, a progressive and forward-thinking law boutique providing high-quality and cost-effective legal representation to its clients. In 2020, Helen also relaunched here widely popular blog called Legal HIE, which now additionally offers an option for membership-only access to compliance content she and her partner have developed over a the last decade.
Helen cemented her reputation as a prominent privacy and health information technology attorney through decades of developed experience and working hand-in-hand with C-suite executives and in-house general counsels on how to structure and manage complex data-sharing arrangements in compliance with applicable federal and state laws. She is known to many as a “go to” attorney for legal guidance and advice on HIPAA, as well as many different federal and state laws regulating the access, use and sharing of medical, health and genetic information. Helen also has substantial experience with helping her clients navigate legal issues when responding to ransomware attacks, data breaches, OCR audit and complaint letters, and return/sanitization of patient data taken by former employees. In 2008, New Jersey Governor Jon Corzine appointed Helen to the New Jersey Health Information Technology Commission (NJ-HITC) to fill the seat designated by statute for “an attorney practicing in this State with demonstrated expertise in health privacy.” [statutorily defined See N.J.S.A. 26:1A-137(a)2]. In 2010, she was reappointed to NJ-HITC by Governor Christie and tapped to serve as Chair of the Privacy and Security Committee for the New Jersey HIT Coordinator. As a trusted advisor, Helen currently represents and advises some of the most cutting edge and sophisticated organizations in the nation, including several large multi-stakeholder collaboratives in the NJ/NY/PA region, as well as a number of burgeoning “big data” innovation projects and initiatives.
Helen is admitted to practice law in New Jersey (since 1999) and Arizona (since 2020). To learn more about Helen, visit her LinkedIn page, and her websites www.oscislaw.com (legal matters) and www.legalhie.com (turn-key compliance solutions
SPC Webinar - Trust but Verify: How to Protect Your Organization from Third-Party Security Breaches
Event Date: TBD
Event Time: TBD
Registration Link: TBD
In today’s global economy and highly connected system of networks, we are susceptible to any attacker from any country who has a digital path right to our doorstep. We need to work even harder to protect information that could be exposed online. That includes how we interact with third-party vendors and business associates who are obligated to safeguard our data.
Before the digital evolution of healthcare, partnerships with vendors were based on a handshake. In 2018, an astounding 20% of healthcare data breaches occur from third-party vendors. Though we have complicated business associate agreements (BAAs), which are in part meant to hold third parties accountable for how they use, store and share protected information, even BAAs are simply a piece of paper.
This presentation will offer new insights on how to think more broadly about vendor risk management, what types of data need to be protected, the types of business partners you should have agreements with, and how to build a resourced governance process that could save your organization from disastrous consequences if and when a breach does occ
Gerry Blass brings over 35 years of experience in healthcare information technology. Prior to ComplyAssistant, Gerry was the Chief Information Security Officer (CISO) for a major healthcare system in New Jersey. As the CISO, Gerry built the HIPAA Privacy and Security programs and chaired their multidisciplinary governance team. In 2002 Gerry founded ComplyAssistant to provide software and service solutions for HIPAA and IT strategic planning. Gerry currently chairs the NJ HIMSS Privacy, Security and Compliance Committee and participates in national and local chapter events that include NY, NJ, and Delaware Valley. Gerry contributes to healthcare compliance articles and postings in various blogs and publications. Gerry shares content in HIPAA 411, a LinkedIn group he co-founded, along with many other related LinkedIn groups. Gerry is an active member and presents at industry association events with HIMSS, HFMA, AITP, NCHICA, NJPCA, NJAMHAA, and HCCA.
Robert (Bob) Babin is director of strategic initiatives and CISO at St. Peters Healthcare System in New Brunswick, NJ. Bob has over 35 years of experience in manufacturing, financial and healthcare technology, serving in various management capacities, including director, senior vice president and C-level, bringing strategic experience to information technology and operations. As CISO, he oversees efforts information security efforts around regulatory and audit compliance, policy development, technology risk mitigation, vulnerability management and administering the information security program at St. Peters. Bob holds three Masters of Science degrees in business and technology management, and has earned CISA and CISM certifications. He is an active member of ISACA, NJHIMSS, CHiME, ISSA, AEHIS, NJHA/CTISO, NHISAC, NJCCIC and MS-ISAC.
PAST EVENTS CALENDAR