Creating Stable Security & Compliance Relationships Between Healthcare Orgs & Vendors

CynergisTek and Ober

Kaler to Present Free Webinar on Developing Security & Compliance Between Healthcare Orgs & Vendors 

Webinar: Thursday, September 10, 2015

1:00 pm – 2:00 pm EDT

The Omnibus Rule implementing the HITECH Act made several changes to the HIPAA Privacy and Security Rules that profoundly changed the dynamic between health care providers and vendors. In addition, the Breach Notification Rule standards for what is a reportable breach were profoundly modified. Business Associates are now directly responsible for demonstrating their compliance with the HIPAA rules and will be subject to Office for Civil Rights (OCR) audit and investigation, which significantly impacts how providers need to manage their vendors. In this new environment, providers must hold their relationship with vendors more accountable to ensure protection and integrity is addressed by the vendor handling PHI on their behalf and be more critical in selecting business partners.

This has become more important than ever, as recent regulatory changes have granted the Office for Civil Rights (OCR) more authority in assessing and penalizing non-compliance. This webinar presentation will review these regulatory changes and shed light on what must change in the relationship between covered entities and business associates. It will review strategies and highlight best practices to ensure that these business partners understand how to develop an effective, compliant relationship that ultimately improves the confidentiality and security of patient information. Attendees will learn how to establish a lifecycle vendor management system to create a successful partnership with business associates.

Learning Objectives

  1. Provide an overview of what has changed for BAs with respect to the HIPAA Rules and describe how it affects the relationship between health care providers or health plans and vendors.
  2. Describe how to develop and sustain effective vendor management practices to ensure compliance.
  3. Present a five-step life cycle approach with supporting actions for managing vendor security requirements.
  4. Provide useful resources and tools to use in a vendor management program.
  5. Share proven best practice strategies for provider organizations seeking to improve vendor selection and management to ensure compliance and reduce risk.

Presented by

David Holtzman, J.D., CIPP

VP of Compliance for CynergisTek and former advisor at OCR

James B. Wieland, Esquire

Head of Ober | Kaler

Kaler’s Healthcare Information

Privacy, Security and Technology Practice




1-2PM EDT / 12-1PM 

July 29th, 2015|

About the Author: