This lesson will be addressing how practice/business managers (or compliance offers) need to ensure their organization is complying with the Federal Substance Abuse and Mental Health Administration (SAMHSA) regulations (42 CFR Part 2) and how this differs from the HIPAA (Health Insurance Portability and Accountability Act) Privacy and Security Regulations.
Both regulations carry significant civil and even criminal penalties if not complied with.
Both regulations are now being enforced proactively by the Federal government.
Both regulations if not complied with can lead to catastrophic legal consequences on state laws of negligence and invasion of privacy if not complied with.
This lesson will cover the latest SAMHSA and HIPAA updates which were released in January 2018 and December of 2017 respectively, and also cover multiple scenarios and FAQ’s relating to Substance Abuse Records, Mental Health Records, Alcohol Abuse Records, and the proper ways to secure this information and/or release this information.
An overview of a comparative analysis will be presented comparing SAMHSA to the HIPAA laws relating to protected health information in general.
Are you clear on the differences between HIPAA and SAMHSA – there are some small but extremely major differences that must be addressed between the two regulations.
Is your organization working with substance abuse records or mental health records?
Are you aware of the strict federal regulations related to this type of sensitive information?
Are you aware of the ramifications for non-compliance for both HIPAA and SAMHSA?
The Substance Abuse and Mental Health Services Administration (SAMHSA) is the agency within the U.S. Department of Health and Human Services that leads public health efforts to advance the behavioral health of the nation. SAMHSA's mission is to reduce the impact of substance abuse and mental illness on America's communities.
Brian L Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 17 years’ experience in Health IT and Compliance Consulting with vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 17 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates.
01:00 PM EST 12:00 PM CST 11:00 AM MST 10:00 AM PST