Contact Us at +1-484-212-0850

HIPAA Privacy Rule Disclosure Misconceptions 2018 and 2019 HIPAA Update: Rule changes, New risks, and the Internet of Things

Live On :

Duration :

Course Description:

Even with HIPAA having been in effect for approximately 20 years, covered entities still have trouble with the complicated disclosure rules under its Privacy Rule. And one can face serious consequences for not making a proper disclosure, like the $4.3 million a leading Healthcare firm suffered or the federal prosecution a psychologist faced more making an improper disclosure. And failure to make a proper disclosure can be life-threatening.

The 90-minute webinar on "HIPAA Privacy Rule Disclosure Misconceptions 2018 and 2019 HIPAA Update: Rule changes, New risks, and the Internet of Things" will focus on the main problem disclosures:

  • to the patient/client.
  • to family members. Who qualifies as a family member? Guardianship rules. Parents and minors.
  • to the media.
  • to clergy.
  • to law enforcement. To locate a suspect or missing person. For crime on the premises.
  • to those able to prevent a serious and imminent threat to self or others. Law enforcement, medical professionals, family members, counselors, clergy.

Each of these categories has specific criteria that must be met before making the disclosure. The webinar will explain those criteria in understandable words and provide a methodology for deciding whether a particular disclosure is proper.

Why should you Attend?

Some HIPAA issues arise infrequently or not at all. For example, if you do not conduct research, you don’t have to worry about what disclosures one can make of research data. Others, however, arise often, perhaps daily in large organizations, such as giving patients copies of their charts, giving family members access to Protected Health Information (PHI), dealing with the Press, and others. And most of the time one will not have the time to do a lot of research as to whether the disclosure is permissible or get a legal opinion.

         All key personnel should at least be familiar enough with the possible grounds for disclosure to recognize, “Oh, this person claims to be a family member, but I don’t know him. Do I have to verify his identity? Can I give him access to the chart?” Having disclosure policies and worksheets, like the samples provided, are an absolute necessity to avoid a sanction for breach of confidentiality or for failure to disclose that results in harm. Attendees will not only become familiar with the grounds for disclosure but also learn a methodology for making the disclosure to protect themselves, the facility, and the patient/client.

Areas Covered:

Understanding the criteria for the problematic disclosures covered in the webinar is key for providers and other covered entities to function safely, effectively, and legally. One never knows when one of these situations may arise. The 90-minute webinar on "HIPAA Privacy Rule Disclosure Misconceptions 2018 and 2019 HIPAA Update: Rule changes, New risks, and the Internet of Things" will answer questions like what do you do when:

  • Someone you don’t know comes in and says that he is your patient’s father and wants a copy of the chart and you know that the parents are divorced.
  • A parent wants to see the chart and has expressed that her daughter “will feel it on her behind end” if she’s on birth control pills.
  • The patient was a victim of a mass shooting and the Press wants to know her status.
  • A pastor wants to see the patient who has told you he is an atheist.
  • A police officer asks whether an individual is your patient and is he in the facility.
  • A relative wants to know whether the accident victim patient is alive?
  • A mental health client wants to see the raw data of a psychological test.

Attendees will be provided a sample disclosure to law enforcement policy, a sample worksheet to determine whether a situation can or must be reported as being a serious and imminent threat, and a sanitized (to protect client confidentiality) and successful legal opinion provided to an Office for Civil Rights investigation demonstrating that a disclosure was not improper.

Who will benefit?

This webcast will be of a valuable assistance to the below audience.

  • Security Officers
  • Compliance Officers
  • Nurses
  • Healthcare Attorneys
  • Health Information Management Professionals
  • Medical Records Directors
  • Security Personnel
  • Basically, anyone who comes in contact with patients

Registration Options

Max 5 participants from a single location with 1 Dial-in.

Max 10 participants from a single location with 2 Dial-in.

Avail 12 months unlimited access for a single user.

Material shipped within 15 days post webinar completion & get life time access for unlimited participants.

Avail recording + Attend live session for a single participant.

Unlimited participants for max 5 locations.


HIPAA Privacy Officer, HIPAA Privacy Officer Training, HIPAA Privacy Officer Course, HIPAA and HITECH expectations, Protected Health Information, PHI, HIPAA Training, HIPAA 2019 Changes, HIPAA 2019 updates, HIPAA Changes, HIPAA Security, HIPAA Audit, Omnibus Rule, HIPAA 2019 Law, HIPAA cases, Health Insurance Portability and Accountability Act, Health and Human Services, Health Care, New HIPAA Rules, HIPAA Business Associate, HIPAA Violations and Fines, HIPAA Best Practices

Speaker Details



Healthcare Attorney, Author and President of EMR Legal

Jonathan P. Tomes has been an expert witness in litigation involving health information compliance issues and is the President of EMR Legal, Inc., a national HIPAA consulting firm. His knowledge of the law and of the practical aspects of handling security incidents to avoid liability provide a rare opportunity for compliance officers and medical records veterans and novices alike. Mr. Tomes has presented seminars nationally for more than 20

Refund Policy

Participants/Registrants for our live events, may cancel up to 72 hours prior to the start of the live session and ComplianceTrain will issue a letter of credit to be used towards any of ComplianceTrain's future events. The letter of credit will be valid for 12 months.

ComplianceTrain will process refund in cases where the event has been cancelled and is not rescheduled within 90 days from the original scheduled date of the webinar. In case if a live webinar is cancelled, participants/registrants may choose between recorded version of the course or a refund. Refunds will not be processed to participants who do not show up for the webinar. A webinar may be cancelled due to unavoidable circumstances, participants will be notified 24 hours before the scheduled start of the event. Contact us via email: