FALLS CHURCH, Va., March 5, 2014 /PRNewswire-iReach/ -- HIPAA/HITECH Compliance Strategies for Medical Device Manufacturers
March 20, 2014 — 1:00 p.m. – 2:30 p.m. EDT
Medical Devices Could Be Unwittingly Violating HIPAA Electronically Protected Health Information Standards (ePHI) — HHS OIG's 2014 Work Plan Announces Research Initiative to Find Out
As concerns mount about medical devices unknowingly storing personal health information, the Department of Health and Human Services' Office of Inspector General has added a research initiative focused on the control of networked medical devices.
The recently released OIG 2014 Work Plan states, "We will determine whether hospitals' security controls over networked medical devices are sufficient to effectively protect associated electronically protected health information (ePHI) and ensure beneficiary safety. Computerized medical devices, such as dialysis machines, radiology systems, and medication dispensing systems that are integrated with EMRs and the larger health network, pose a growing threat to the security and privacy of personal health information. Such medical devices use hardware, software, and networks to monitor a patient's medical status and transmit and receive related data using wired or wireless communications."
The release of the Work Plan followed on the heels of HHS' Jan. 17 release of the much-anticipated HIPAA final rule. The expanded rule makes business associates of covered entities, and their subcontractors directly liable for compliance with the HIPAA security rules and certain parts of the HIPAA privacy rules. More than ever, medical device manufacturers need to clearly understand when they are responsible for HIPAA (and HITECH) compliance.
The expanded regulations, coupled with the OIG's new research initiative, have significant implications for medical device manufacturers: specifically, the importance of implementing sufficient security and privacy protocols to avoid data breaches that can lead to fines and penalties.
To combat these growing concerns for device manufacturers, FDAnews has teamed with noted industry expert, Seth Mailhot, a partner with Michael Best & Friedrich LLP in Washington, DC, to present a webinar on March 20 from 1:30-3:00 PM ET. This event will provide devicemakers with the knowledge and tools to handle the complexities of these regulations. In one 90-minute session, they'll get answers to these pressing questions:
- When does medical device-related information qualify as electronic protected health Information (ePHI)?
- What are the differences between HIPAA's Privacy Rule and Security Rule?
- When do business associate relationships exist with a covered entity?
- What procedures, processes or protections do companies need to include in their agreements with business associates in case of a data breach?
- Could concerns about cybersecurity and cloud computing increase HIPAA/HITECH noncompliance?
- And more.
Devicemakers who attend this webinar will also learn, if their product stores ePHI, whether they may unwittingly be in a business associate relationship with customers and how best to structure contracts to avoid liability, fines and penalties.
Meet the Presenter:
Seth Mailhot leads the FDA Regulatory practice at Michael Best & Friedrich LLP, and is a member of the firm's Transactional Practice Group in the Washington, D.C., office. Mr. Mailhot has worked on FDA-related matters for more than 20 years, starting in various technical and enforcement positions at the FDA. Since entering private practice, Mr. Mailhot counsels clients on all aspects of regulation by FDA, as well as related matters regulated by USDA and HHS, such as the requirements of the National Organic Program, compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the Health Information Technology for Economic and Clinical Health Act (HITECH).
Who Will Benefit:
- Legal affairs
- Regulatory affairs
- Software development directors
- IT security and systems
- Risk management directors
- Contracting and commercial development directors
HIPAA/HITECH Compliance Strategies for Medical Device Manufacturers
March 20, 2014 — 1:00 p.m. – 2:30 p.m. EDT
$547 per site -- includes webinar registration and audio cds and transcripts
Easy Ways to Register
By phone: 888-838-5578 or 703-538-7600
FDAnews is the premier provider of domestic and international regulatory, legislative, and business news and information for executives in industries regulated by the US FDA and the European Medicines Agency. Pharmaceutical and medical device professionals rely on FDAnews' print and electronic newsletters, books and conferences to stay in compliance with international standards and the FDA's complex and ever-changing regulations.
Media Contact: Michelle Butler, FDAnews, 703-538-7665, email@example.com
News distributed by PR Newswire iReach: https://ireach.prnewswire.com