Skip to main content



Registration and Continental Breakfast (provided) 7:30 – 8:30 am
Welcome / Introduction 8:30 – 8:45 am
Healthcare Compliance 101
• An overview of general compliance topics focusing on the elements of an effective compliance program
• Discuss the infrastructure of a privacy compliance program
• Discuss the Board’s role in compliance
8:45 – 9:45 am
Break 9:45 – 10:00 am

HIPAA 101: Part 1
• Overview of HIPAA Requirements
• Applicability of HIPAA: Who is covered, what is covered
• Responsibilities of covered entities

10:00 am – 12:00 pm
Lunch (provided) 12:00 – 1:00 pm
Privacy Policies & Procedures
• Discuss why HIPAA privacy policies and procedures are necessary at your organization
• Identify the “must have” policies for your HIPAA privacy program
• Practical tips and discussion points for establishing and maintaining effective HIPAA privacy policies
1:00 – 2:30 pm
Break 2:30 – 2:45 pm
Conducting a Privacy Investigation
• Why do an investigation?
• Conducting investigations
• Investigation considerations
2:45 – 4:30 pm
Certified in Healthcare Privacy Compliance (CHPC®) Exam Information 4:30 – 4:45 pm


Continental Breakfast (provided) 7:30 – 8:00 am
HIPAA 101: Part 2/Privacy and Research
• Responsibilities of covered entities (cont.)
• Patient rights under HIPAA
• Privacy regulations related to research
8:00 – 10:00 am
Break 10:00 – 10:15 am
Privacy Risk Assessment 
• Understand the key elements of a risk assessment
• Identify different approaches to doing a risk assessment for privacy
• Identify a process that will work for your organization
10:15 am – 11:45 pm
Lunch (provided) 11:45 – 12:45 pm
Auditing & Monitoring for Your Privacy Program
• Discuss the basics of auditing and monitoring
• Identify the steps in a privacy audit
• Communicating auditing and monitoring results
12:45 – 2:30 pm
Break 2:30 – 2:45 pm
Health Plan & Employer Group Health Plan Privacy Issues 
• Health plan compliance with HIPAA
• Employer-sponsored group health plans
• Hot spots and OCR enforcement
2:45 – 3:45 pm
Break 3:45 - 4:00 pm
BAAs and Third Parties  
• Provide overview of HIPAA contractual and organizational structures
• Outline and discuss selection of appropriate contract tools
• Resources for authoritative resources
4:00 – 5:00 pm

Networking Reception (optional)

5:00 – 6:15 pm


Continental Breakfast (provided) 8:00 – 8:30 am
Privacy & Security Challenges in Electronic Health Information
  • Apply basic HIPAA privacy requirements to the EHR
  • Identify evolving business models, technologies and regulations
  • Learn the basics of the HIPAA Security Rule to the EHR
8:30 – 10:00 am
Break 10:00 – 10:15 am
Integrating Privacy Compliance into the Corporate Compliance Program
  • Evaluate the roles and scope of privacy and compliance
  • Learn techniques for creating effective training programs
  • Apply privacy and compliance roles to investigations
10:15 am – 12:00 pm
Lunch (provided) 12:00  – 1:00 pm
Breach Notification
• Understand breach notification requirements
• Determine when breach notification requirements would not apply
• Discuss the process to follow to determine if you have a reportable breach
1:00 – 2:30 pm
Break 2:30 – 2:45 pm
42 CFR Part 2: Federally Assisted Substance Abuse Programs
• Define “Who” — entities and personnel — are subject to the regulation
• Identify information that is covered by 42 CFR Part 2 with focus on items more stringent than HIPAA
• Provide resources such as samples of Consent Forms and most current list of Definitions
2:45 – 3:45 pm
Break 3:45 - 4:00 pm
Beyond HIPAA: Other Federal Privacy Laws
• Learn the major laws affecting privacy and security obligations of individual information
• Understand the jurisdiction and requirements for compliance with these federal rules
• Apply these rules to emerging theories of litigation and investigation in healthcare
4:00 – 5:00 pm


Continental Breakfast (provided) 7:30 – 8:00 am
Privacy Effectiveness
• Methodology, process and content requested during a HIPAA privacy and security audit
•Understand challenges during a privacy audit
• How audit preparation can be engaged through the seven elements for effective programs
8:00 – 9:45 am
Break 9:45 – 10:00 am
Privacy Compliance Beyond Implementation
•Discuss process, sources and resources for identifying and responding to privacy issues
• Understand the key elements of an ongoing auditing and monitoring plan for the Privacy Compliance Program
• Learn how to take your privacy program to the next level
10:00  – 11:45 am
Academy Ends 11:45 am
CHPC® Exam Check-In Time 12:45 pm

Exam Time — Certified in Healthcare Privacy Compliance (CHPC®) (optional)

The CHPC exam is optional. You must apply and pay for the exam separately from the Academy.

To apply online, visit:

PLEASE NOTE: If you are not present at the specified “Exam Check-in Time” as listed above, and as determined by the exam proctor, you will not be allowed to sit for the exam. Actual exam duration is 120 minutes, per the Candidate Handbook. The time range, listed at left, includes mandatory exam procedures and proctor instructions.

1:00 – 4:00 pm

Agenda is subject to change

All sessions for the Academies are Basic knowledge level:

Basic Program knowledge level is most beneficial to Compliance Professionals new to a skill or an attribute. These individuals are often at the staff or entry level in organizations, although such programs may also benefit a seasoned professional with limited exposure to the area.