Many tax professionals provide services to healthcare providers, hospitals, and healthcare support businesses (such as billing companies) that are regulated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). As a result, tax professionals may be subject to and regulated by HIPAA, must be able to identify when this occurs, and know the professional's obligations to protect a client's protected health information.

In addition, as a HIPAA business associate, tax professionals are required by HIPAA to participate in HIPAA training.

This presentation will help tax professionals understand how HIPAA regulates their organization and their client's organizations and the legal obligations under HIPAA to protect the privacy and security of protected health information.

Not all information that relates to healthcare is PHI regulated by HIPAA and determining when HIPAA may apply and when a business associate agreement may be needed requires an understanding of HIPAA.

In addition, the IRS may subpoena or request a client's information, and tax professionals need to understand how and when PHI may be disclosed. The class also explains the security safeguards that arise under HIPAA and how client PHI must be protected during access or when being maintained in a tax professional setting.

Failing to have a HIPAA-compliant security risk assessment can leave unidentified vulnerabilities that lead to HIPAA breaches and cybersecurity attacks and potentially result in penalties through enforcement activities. Understanding how the Department of Health and Human Services Office for Civil Rights enforces HIPAA and investigates breaches and complaints can assist in structuring a HIPAA compliance program. Attendance in this presentation may also satisfy the requirement for HIPAA training.What You'll Learn:What Is HIPAA

• HIPAA Regulatory Background
  
• Who Is Regulated and When Is a Business Associate Agreement Required?
  
• What Is Regulated and When Is Information Not PHI?

What Are Your Privacy Obligations Under HIPAA

• How Can You Access and Disclose PHI?
  
• How Do State Privacy Laws Relate to HIPAA?
  
• When Can You De-Identify/Aggregate PHI?

What Are Your Security Obligations Under HIPAA

• What Are Physical, Technical, and Administrative Safeguards?
  
• What Is a Security Risk Assessment and Why Is It Important?
  
• What Are Recognized Security Practices?

What Is a Breach and How Must You Respond

• What Is a Breach?
  
• How Must Notice Be Provided?
  
• How Do State Breach Notification Laws Relate to HIPAA?

How Is HIPAA Enforced?

• When Does the Office for Civil Rights Investigate HIPAA Violations?
  
• What Are Some of the More Recent Enforcement Actions by the Office for Civil Rights?
  
• What Is the State Attorneys General Role in Enforcement?