Register Online - Add to Cart


Product ID: 408688EAU

HIPAA Compliance for Small Business Owners

OnDemand Webinar (92 minutes)

Gain a better understanding of how HIPAA impacts small businesses.While the focus of HIPAA is on covered entities like health care providers and health insurance companies, the health plans that are sponsored by small businesses are likewise covered entities and must follow the rules. The trick is to know what information is health plan-related and what is treated as employee information not subject to HIPAA, and it often requires, in a small business, knowing what hat you are wearing as you encounter health information. Penalties for violations of crossing the line between a small business and its health plan can be significant. This topic will review how to distinguish between HIPAA-controlled and non-HIPAA-controlled information, providing for individual rights under HIPAA, protecting sensitive health care information, the role of employee wellness programs, implementing security awareness training, undertaking an annual risk assessment, monitoring third-party service providers, using encryption, incident response, contingency planning and case studies/examples. This material was prepared at an intermediate level. Leave with practical tips and tools that you can apply to your business, and better understand how your business is affected by HIPAA.


Jim Sheldon-Dean, Lewis Creek Systems, LLC


Overview of HIPAA and Small Businesses

• How Does HIPAA Apply to Small Businesses?

• What Small Business Information Is Subject to HIPAA?

HIPAA Compliance and Small Business Health Plans

• How You Do Business With Protected Health Information

• Limitations on Sharing HIPAA-Covered Information Within the Business

• Permitted Sharing of HIPAA-Covered Information Within the Business

• Individual Rights and the Health Plan

• Arrangements With Third Parties and Insurers

Protecting HIPAA-Covered Information

• Using an Integrated Information Privacy and Security Management Process

• Evaluating Risks and Securing Electronic Information

• Preparing for Incidents and Contingencies

• The Role of Training and Documentation

• Current Issues in Using and Managing Electronic Health Information