The Requirements and Responsibilities of a HIPAA Security/Privacy Officer

         Discussions, presentation, and webinars regarding HIPAA regulations are usually addressed from the perspective of what the regulations entail, the necessity of compliance with the regulations, and the consequences of willful neglect or non-compliance.

         This presentation addresses HIPAA regulations from a different perspective – from a personal perspective – from the perspective of the person in charge of moving an organization or facility toward full compliance with HIPAA. The by-product of this presentation will be both an understanding of, and a detailed job description for, a position mandated in the regulations – the HIPAA Security/Privacy Officer.

        The HIPAA regulations are numerous, complicated, often vague, and affect every person working in a healthcare facility. Compliance with HIPAA will require a unique individual to lead the charge – an individual whose education, background, experience, and demonstrated skill sets offer the opportunity for that person to succeed in achieving the goals of that position. This is a new position to most healthcare facilities. So understanding who this person should be, what is required of the person with this job title, and with whom this person will interface is vital to every healthcare organization with the goal of achieving full compliance with HIPAA.

• Position goals
• Position requirements (education, experience, skill sets, etc.)

• Stay abreast of regulations
• Initiate compliance with HIPAA (according to regulations)
• Ensure continuous progress toward full compliance
• Develop appropriate security/privacy policies & procedures
• Oversee and deliver appropriate training programs to all employees
• Track compliance with HIPAA regulations at the facility & individual levels
• Track access to PHI
• Investigate and resolve HIPAA violations
• Apply sanctions to HIPAA violators
• Manage any information security personnel
• Prepare a department budget
• Hold Business Associates accountable for their own compliance with HIPAA …. and the list goes on

This is a new position to most healthcare facilities. So the objective of this presentation is for the audience to understand:

• What type of person should be in this position?
• What skill sets would be helpful for the person in this position?
• What educational backgrounds would be helpful?
• What certifications might be helpful?
• What is required of the person with this job title?
• What are the challenges the person in this position will probably face?
• With whom this person will interface?

This webcast will be of a valuable assistance to the below audience.

• Someone interested in becoming a HIPAA Security/Privacy Officer
• Someone who will make the decision for hiring a person for this position
• Practice/Hospital Administrators
• MDs and Healthcare Professionals
• IT Professionals
• Facility Managers
• Business Associates of healthcare facilities
• Attorneys
• Any person who deals directly or indirectly with PHI