It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, emailing, and transmission in general of protected health information (PHI). You need to know how to avoid being low hanging fruit in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk.These day’s trial attorney’s pose a higher risk than the Federal government! This lesson will be going into great detail regarding you practice or business information technology and how it relates to the HIPAA/HITECH Security Rule and securing PHI in transmission. I will go through multiple examples and specific scenarios and also offer simple common-sense solutions. Areas covered will be texting, email, encryption, medical messaging, voice data, personal devices, and risk factors. I will uncover myths versus reality as it relates to this very enigmatic law based on over 1000 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will speak on specific experiences from over 18 years of experience in working as an outsourced compliance auditor, expert witness on multiple HIPAA cases in state law, and thoroughly explain how patients are now able to get cash remedies for wrongful disclosures of private health information. More importantly I will show you how to limit those risks by simply taking proactive steps and utilizing best practices.
About Brian Tuttle
Brian L Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 20 years’ experience in Health IT and Compliance Consulting.
With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 20 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR.
Almost all of Brian’s clients are earned by referral with little or no advertising.
Brian is well known and highly regarded in medical circles throughout the United States for his quality work and down home southern charm
Mr Tuttle has a Master’s Degree in Health Sciences from Georgia State University