HIPAA/HITECH Final Rule and California Law Webinar DVD
What California hospitals need to know

Webinar Recorded Live February 27, 2013
Program Rated 4.5 out of 5 by participants


There’s a lot of buzz around the new HIPAA/HITECH final rule, and hospitals are moving quickly to review and understand the new federal regulations. But, California has its own set of laws to consider that are sometimes more stringent.

So, which laws do you need to follow? Faculty from legal and hospital backgrounds compare the new federal rule and existing state laws, and tell you which laws to follow to stay compliant. You’ll also hear practical advice on how to implement the new requirements in your facility.

Recommended for:

Privacy officers, health information managers and staff, compliance officers, in-house legal counsel, chief information officers, chief nursing officers and risk managers.


New Federal HIPAA/HITECH final rule

  • Key deadlines for implementation, enforcement
  • California laws — CMIA, LPS, breach notification

Breach notification 

  • Harm threshold replaced by “more objective” standards
  • Meaning of “probability that PHI has been compromised”
  • Potential impact on hospitals — more reporting to OCR
  • Breach notification tool — how to analyze and apply CA and federal laws

Uses and disclosures of PHI — the new rules

  • Fundraising and the “opt out” clause — verbal, written communications
  • Conflict of law regarding disclosure of immunizations
  • Sale of PHI — now prohibited, but some exemptions
  • Non-disclosure to HMOs — what it covers and why
  • Access to decedent’s PHI — state and federal conflicts
  • Consent for research purposes now combined
  • Genetic information and health plan restrictions

Patient rights

  • Patient access to electronic PHI — EHR vs. designated record set
  • Providing copies — allowable fees, types of media
  • Additional content of Notice of Privacy Practices

Business associate (BA) requirements

  • BAs now shouldering responsibility
  • Amending your BAAs


Peggy Nakamura, RN, MBA, JD, DFASHRM, CPHRM, is vice president, chief risk officer and associate counsel for Adventist Health. In this role, she oversees a comprehensive Risk Management Department and the Adventist Health Enterprise Risk Management program, including self-administered/self-insured programs in workers’ compensation, professional, general and managed care liability. Ms. Nakamura has more than 35 years of health care experience and has worked in critical care nursing, nursing administration and as a medical malpractice defense attorney. In addition, she has developed health care system risk management programs. She is a frequent national speaker on health care risk management topics, authored several articles and co-authored numerous risk-management publications.

Lois Richardson, Esq., has served as CHA’s legal resource for the past 18 years, primarily as legal counsel and most recently as vice president of Privacy and Legal Publications/Education. Her noteworthy publications include the highly-regarded Consent Manual, for which she served as editor for the last 17 years. She also directed the development of CHA’s Patient Privacy Manual when HIPAA was first enacted in 2003 and was also was responsible for the California Health Information Privacy Manual, which addresses both state and federal laws regarding the use and disclosure of health information. For the last ten years she has also served as the executive director for the California Society for Healthcare Attorneys.