A Summit on Healthcare Privacy and Data Security: HIPAA and Beyond Healthcare privacy and data security has become one of the major policy, technology and operations issues in American healthcare. The compliance date for the HIPAA privacy rule of April 14, 2003 has passed, but the second generation of HIPAA privacy protections are still being put into place. Likewise, HIPAA transactions and data code sets compliance date of October 16, 2003 has come and gone. CMS has issued a guidance document which effectively provides compliance flexibility so long as covered entities are making good faith efforts to come into compliance. Although the compliance date for the security rule is April 2005, it is being implemented by many covered entities in conjunction with privacy rule compliance initiatives. HIPAA does not preempt more restrictive state law. Thus, in effect, there are 50 state schemes in healthcare privacy and security, subject to certain federal minimum standards. This complex mix of federal and state law and regulation creates a maze through which healthcare organizations must navigate.

Compliance is not only complex, but also extremely costly as healthcare moves to electronic data interchange and the Internet. The HIPAA Summit conference series provides a road map to understanding the complex requirements of federal and state law and illuminates strategies for compliance. Through an expert faculty of 75 and over 40 concurrent sessions, the Eighth National HIPAA Summit will go well beyond the simple recitation of the federal HIPAA law and regulations. Of course, the Summit will provide the most up-to-date and sophisticated information on the status and construction of the HIPAA regulations through the presentations of the leading HIPAA regulators from the Department of Health and Human Services. The Summit will focus on the crucial issues of the implementation of the transactions and code sets and the security rule, and will feature practical case studies from the field, including presentations by leading privacy, security and compliance officers from around the country. The Summit will address the complex financial, operational and technical issues that must be addressed not only to comply with the technical requirements of the law, but also to integrate new technologies in order to enhance the efficiency, quality and accessibility of healthcare services.

• Provide a Basic Background to the HIPAA Law and Regulations
• Assess Current Compliance with HIPAA Transactions and Code Sets Compliance and Future Initiatives Necessary to Enhance Compliance
• Present an Analysis of the Final HIPAA Security Rule and Responsive Compliance Strategies
• Outline the Next Generation of HIPAA Privacy Compliance Strategies Following the April 2003 Compliance Date
• Describe Prominent MultiInstitutional and/or Regional Approaches to HIPAA Compliance
• Share Case Studies of Organizational Approaches to HIPAA Compliance

The planning and implementation of HIPAA requires a joint effort of healthcare executives throughout your organization. Therefore, team attendance is encouraged. Specifically, the Summit will benefit healthcare leadership teams from hospitals, healthcare systems, health plans, TPAs, insurance companies, physician groups, government agencies, consulting firms, solution developers and others, including the following individuals: