HIPAA Changes Coming in 2025: What You Need to Know [Live Webinar]

This new, intermediate webinar examines HIPAA changes for 2025 and beyond, including a focus on privacy protections in general apart from HIPAA law.

This webinar covers state actions and law as well as other federal agencies such as the Federal Trade Commission. In addition, new HIPAA laws from 2024 that are being implemented in 2024 will be reviewed.

Erase the uncertainty and doubt about what is coming for HPAA changes in 2025, including data privacy, and the implementation of existing HIPAA laws on the books now to be implemented in 2025.

Webinar Overview:

This is a new, intermediate webinar that will examine HIPAA changes for 2025 and beyond. A greater focus on medical records privacy exists with strengthening federal and other laws now on the books or coming.

First, HIPAA privacy protections now will include references to existing and new state data and medical privacy laws with a focus on areas of concentration in regulation and enforcement for state laws that go beyond HIPAA. We will review projections for data privacy at the state level that supplement HIPAA including an emphasis on children’s protections.

Second, this webinar will examine efforts by other federal agencies such as the Federal Trade Commission to regulate medical privacy and data privacy by health care professionals and the health care industry.

Third, the role of Artificial Intelligence in health care and the data it generates – often from protected health information – will be reviewed with an eye towards HIPAA in 2025. What topic in public protection and the law would be complete with out a review of Artificial Intelligence?

Fourth, the current updates, new changes, and coming modifications to HIPAA in 2025 show many new things on the horizon in health care and medical privacy. This will include the rollout and implementation of new HIPAA laws announced in 2024 for greater privacy and protections for reproductive health care records.

Fifth, this webinar ends with an examination of the continued focus on strict enforcement coming in 2025 by review a multi-million dollar settlement this year with a major hospital over cybersecurity breaches. Health care entities are the number one target of cybercrime and cybersecurity by thieves and criminals, including sometimes, their own health care workers who are bad actors. 2025 will bring continued focus on HIPAA enforcement even in such situations of criminal mischief.

This is an intermediate webinar designed to educate everyone attending to recognize broad changes coming in 2025 for HIPAA and how state laws and even other federal agencies will be mixed in with HIPAA in 2025.

Agenda:

The areas covered in this session include these learning objectives:

• Privacy predictions for all of 2025 including HIPAA;
• State data protection laws for medical privacy that go beyond HIPAA;
• Federal Trade Commission authority over privacy that supplements HIPAA in 2025;
• Children’s privacy and health care privacy updates for 2025;
• Renewed focus on the privacy of telematics – why HIPAA doesn’t cover that and won’t in 2025;
• Examination of state health data privacy laws with HIPAA;
• General requirements, exemptions, and enforcement of state laws allowed by HIPAA then and now in 2025;
• An analysis and prediction of heightened enforcement actions in 2025 based on a multi-million dollar settlement with a major hospital that was the victim of cybercrime, and;
• Top takeaways for HIPAA and medical privacy in 2025.

Who Should Attend:

HIPAA privacy officers; medical records workers; health care attorneys

HIPAA 42 CFR Part 2 – New Updates About the Confidentiality of Substance Use Disorder (SUD) Patient Records: What You Need to Know [Live Webinar]

HIPAA medical records confidentiality and confidentiality of substance use disorder; mental health records confidentiality

This webinar examines the new Code of Federal Regulations governing HIPAA privacy for Substance Use Disorder records in mental health.

This new federal law is only a few months old, but has had a huge impact on the rights of patients and persons availing themselves of mental health treatment for substance use disorder.

Erase the uncertainty and doubt about what the new law does – and doesn’t – do to protect patient confidentiality.

Overview:

On February 8, 2024, both the U.S. Department of Health & Human Services (HHS) with the Substance Abuse and Mental Health Services Administration (SAMHSA) along with the Office for Civil Rights announced a final rule in the Code of Federal Regulations changing the HIPAA confidentiality of medical and mental health records for Substance Use Disorder (SUD) records regulations.

This new law is now at 42 CFR part 2. With this final rule now firmly in place, the HHS is implementing the confidentiality provisions originating with section 3221 of the Coronavirus Aid, Relief, and Economic Security (CARES) Act, which was enacted March 27, 2020, and which require the Department to align certain aspects of Part 2 with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Rules and other applicable federal law in the Health Information Technology for Economic and Clinical Health Act (HITECH).

The Part 2 statute (42 U.S.C. 290dd-2) protects the following: “[r]ecords of the identity, diagnosis, prognosis, or treatment of any patient which are maintained in connection with the performance of any program or activity relating to substance use disorder education, prevention, training, treatment, rehabilitation, or research, which is conducted, regulated, or directly or indirectly assisted by any department or agency of the United States.”

These defined confidentiality protections now help address concerns that discrimination and fear of criminal prosecution deter people from entering treatment for SUD.

The updates, changes, and modifications in this final rule reflect the proposals published in the December 2, 2022, Notice of Proposed Rulemaking (NPRM) and public comments received from many interested parties.

These included substance use disorder and other advocacy groups; trade and professional associations; behavioral and other health providers; health information technology vendors and health information exchanges; state, local, tribal and territorial governments; health plans; academic institutions, including academic health centers; and unaffiliated or anonymous individuals.

Following the usual and customary 60-day comment period, HHS analyzed and carefully considered all comments submitted from the public on the NPRM and made appropriate modifications before finalizing this updated law. This is an intermediate webinar.

Learning Objectives:

• Basics of HIPAA privacy and security;
• What makes mental health and substance use disorder records different from other medical records;
• A review of the federal administrative regulations process – all about notice and comment rulemaking;
• Examination of updates to this new federal law;
• Patient consent and other uses and disclosures;
• Penalties and breach notifications;
• Patient notice and safe harbor provisions;
• Best practices for obtaining this protected information, and;
• Basic tips and techniques to defend yourself from liability.

Who Should Attend:

HIPAA privacy officers; medical records workers; health care attorneys

The Role & Responsibility of the HIPAA Privacy Officer in 2025: Essentials Duties, Qualifications, and Best Practices [Recording]

In today’s intricate health care environment, the basic provisions of privacy for protected health information (PHI) have become more complex, necessitating the appointment of a Privacy Officer for covered entities under HIPAA laws.

HIPAA mandates various security rules concerning PHI, starting with the role of the Privacy Officer. These federal requirements apply not only to covered entities but also to their business associates.

Key Questions:

• What distinguishes a HIPAA Compliance Officer, a Privacy Officer, and a Security Officer?
• Can a health care entity merge these functions and duties?
• Are these three distinct roles, or can they be consolidated?
• Due to the constant evolution of HIPAA regulations, covered entities must adapt to increasing responsibilities, expanded job duties, and heightened resource demands to maintain patient confidentiality and digital security, all primarily managed by the Privacy Officer.

This webinar delves into the roles and responsibilities of the Privacy Officer, the necessary qualifications, and practical strategies for managing privacy functions effectively.

Webinar Agenda

Introduction:

• Does HIPAA require a Compliance Officer, Privacy Officer, and Security Officer?
• Understanding the necessity of designating a Privacy Officer for covered entities and their business associates, as mandated by federal regulations.

In-depth Discussion:

• Detailed examples of the duties and qualifications of a Privacy Officer.
• Comprehensive review of job responsibilities pertinent to the Privacy Officer role.
• By addressing strict HIPAA compliance laws, this webinar aims to alleviate fear, uncertainty, and doubt. Learn how to ensure your health care organization complies with HIPAA privacy requirements through an effective Privacy Officer.

Webinar Highlights

Problems and Solutions:

• Identifying the core elements of HIPAA compliance concerning the Compliance Officer, Privacy Officer, and Security Officer.
• Analyzing the mandatory identification and designation of the Privacy Officer.
• Examples of Privacy Officer duties and responsibilities.
• Reviewing the desired qualifications for a Privacy Officer.
• Discussing an extensive list of job duties for a successful Privacy Officer.

Who Should Attend

• Health care attorneys
• Corporate compliance officers in health care
• Medical records staff in medical offices and health care entities
• Hospital attorneys
• Health care practitioners who are covered entities
• Law enforcement officers in health care compliance
• State boards and agencies overseeing state licenses for health care professionals

Join us to gain a comprehensive understanding of the essential role of the HIPAA Privacy Officer in maintaining compliance in the ever-changing health care landscape.