HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Delegates Prepare for the 23rd National HIPAA Summit

Next week, government department heads and industry leaders will meet at the 23rd National HIPAA Summit to give updates on the progress that has been made over the past 12 months and to provide information on new laws and regulations. The summit also offers an opportunity for compliance officers and other healthcare professionals to receive training on a wide range of healthcare IT and HIPAA-compliance issues.

The threat of cyberattacks on healthcare providers has risen to an all time high and healthcare costs are spiraling out of control. The industry may be in critical condition, yet healthcare providers, health plans and other covered entities must find the funding to improve data security and protect the privacy of patients and health plan members.

Since the introduction of HIPAA this has been a major challenge, but with the introduction of HITECH, the Affordable Care Act (Obamacare), the move to IC10 coding and the passing of the HIPAA Omnibus Rule the challenge has grown. HIPAA-covered entities now face a huge financial and administrative burden to comply with these regulations, yet they must also continue to provide, and improve, the quality of healthcare services that they provide. In spite of the huge benefits that come from the move to digital data over physical records, there is still financial, clinical, and political resistance to change.

The move to EHRs presented many problems, although today this move is now almost complete. 94% of non-federal hospitals and 78% of office-based physicians have now adopted electronic health records, but those that have now implemented the change have to deal with a plethora of big data issues that threaten the privacy of patients and plan members.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

With such complex challenges, many HIPAA-covered entities are struggling to implement the required policies and procedures to achieve full compliance. One of the main aims of the conference is therefore to ease the burden on healthcare professionals and to provide guidance and assistance to help them improve data security and ensure compliance.

This is the 31st HIPAA Summit event since the introduction of the bill in 1996, and the National HIPAA Summit is an excellent opportunity for Privacy and Security Officers, healthcare IT specialists, medical professionals, financial officers and health insurance executives to gain a greater insight into HIPAA and its implications for the healthcare industry.

Presentations will offer practical advice on HIPAA-compliance, data security, data breach responses and the legal and privacy issues that surround the move from paper to electronic health records, while HIPAA Academy Professional Certification Training is being provided to delegates.

Two best practice roundtables are being held for Privacy and Security Officers, with question and answer sessions to help highlight, and deal with, the challenges currently faced by the industry.

This year the keynote speakers include:

Denesecia Green: Deputy Director, National Standards Group (NSG), Office of Enterprise Information (OEI), Centers for Medicare and Medicaid Services, Baltimore, MD

Jocelyn Samuels: Director, Office for Civil Rights (OCR), US Department of Health and Human Services, Former Acting Assistant Attorney General for Civil Rights, United States Department of Justice, Washington, DC

Lucia Savage: Chief Privacy Officer, Office of the National Coordinator for Health IT, US Department of Health and Human Services; Former Senior Associate General Counsel, UnitedHealthcare, Former General Counsel, Pacific Business Group on Health, Washington, DC

Daniel J. Solove, JD: John Marshall Harlan Research Professor of Law, George Washington University Law School, Author, Nothing to Hide: The False Tradeoff Between Privacy and Security, Understanding Privacy, The Future of Reputation: Gossip, Rumor, and Privacy on the Internet, and The Digital Person: Technology, and Privacy in the Information Age, Washington, DC

Training is a key area of the summit and delegates will be given the opportunity to learn about HIPAA under a variety of scenarios. Some of the key learning objectives include:

Learning Objectives

  • Understand the basics of HIPAA, HITECH, and ACA laws and regulations, and the effect of healthcare reform on health information exchange.
  • Obtain up-to-date information about recent changes to the HIPAA regulations.
  • Update covered entities and business associates regarding HIPAA requirements.
  • Learn what HIT contractors and subcontractors must do to become compliant.
  • Outline the next generation of privacy and security compliance strategies,
  • and how these affect electronic health record adoption and interoperability.
  • Equip healthcare organizations with the knowledge and practical applications to achieve “audit readiness.”
  • Learn security breach analysis and notification strategies, and understand encryption.
  • Offer insights into HIPAA privacy and security compliance best practices.
  • Understand the operational efficiency opportunities for providers and health plans supported by the operating rules.
  • Analyze industry readiness for implementation of ICD-10 and operating rules, and articulate strategies for compliance.
  • Learn about the operations efficiency opportunities for providers and health plans supported by the operating rules.
  • Understand the Medicare program incentives for meaningful use of electronic health records, and the role of regional extension centers.
  • Gain expertise in the evaluation, selection and adoption of electronic health record systems.
  • Anticipate operational issues and learn best practices in electronic health record implementations.
  • Prepare attendees for professional HIPAA privacy and security certification examinations.
  • Prepare attendees for professional HIT, EHR, HIE and Operating Rules certification examinations.

HIPAA Summit Plenary Sessions

  • Office for Civil Rights Update
  • 10 Trends in Healthcare Privacy You Need to Know Now
  • Privacy Officer’s Role in Auditing the Covered Entity
  • Business Associates (BAs) Update
  • Privacy and Epidemic Response: An Ebola Case Study
  • Healthcare Chief Privacy Officers Best Practices Roundtable
  • Compliance & Cyber Security: Enabling a Credible Program
  • Information Risk Management Essentials
  • An Advanced Understanding HIPAA Security Rule
  • A Risk-based Approach to Protecting ePHI
  • Healthcare Security Officer Best Practices Roundtable
  • Communicated the Importance of Privacy and Security to the C-suite
  • ONC Privacy and Security Policy Update
  • Update from the Health IT Policy Committee’s Privacy & Security “Tiger Team”
  • OCR Privacy and Security Audit Overview
  • Preparing for and Responding to an OCR Privacy and Security Audit
  • Best Practice in Breach Response
  • HIPAA and Big Data
  • Applicability of HIPAA to ACOs, Medical Home, Bundled Payments, etc.
  • Health Plan Identifier, ICD-10, and Health Plan Certification Updates
  • ACA Operating Rules Update
  • Self-Insureds Preparation for Health Plan Certification of Compliance
  • New Lessons Learned and Readiness for Implementing ICD-10
  • The Provider Perspectives on the HIPAA/ ACA Transactions, Code Sets, Identifiers and Operating Rules
  • Are we there yet? What is Next and Why is it Taking so Long? Can we Pedal Faster?


The summit runs from March 16-18 at the Omni Shoreham Hotel in Washington, DC. Those unable to attend in person will be able to take part via the live webcast and will be able to access the information online for a period of six months.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.