Publications and Presentations

The following documents were prepared and presented by Phyllis Patrick and co-authors as indicated in the listings.

 

Presentations

  • “The Auditor’s Guide to the Information Security Galaxy” The New England Healthcare Internal Auditors, Inc. (NEHIA) Fall Conference, December 2-4, 2105 Groton, CT
  • Information Governance: New Concept or Evolution of Old Processes?” and “Information Governance: Challenges and Opportunities for the HIM Professional” Oregon Health Information Management Association (OrHIMA) Annual Institute, November 13, 2015, Salem, OR
  • Responsibilities and Rights of Subcontractors in the Compliance Chain”, The 23rd National HIPAA Summit, Washington, DC, March 17, 2015
  • “Beyond Meaningful Use: Lessons Learned and Implications for the Auditor”, New England Healthcare Internal Auditors, Groton, CT December 3, 2014
  • “Breach Avoidance and Mitigation: Best Practices for Healthcare Entities”, Conference Theme: Cyber Liability for Healthcare Organizations, Connecticut Chapter of Healthcare Financial Management Association, August 8, 2014
  • “Training Your BA Workforce:  Understanding Obligations and Risk Exposure”, NCHICA Workshop for Business Associates and Covered Entities, Chapel Hill, NC.  June 26, 2014.  Presenters:  Phyllis Patrick and Robert Michalsky
  • “Meaningful Use Audits:  Lessons Learned and Continuing the Journey”, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC. June 24, 2014.  Presenters:  Phyllis Patrick, Kimberly Clarke, Kelly Pollock.
  • “PHI Mapping: Do You Know Where Your Data Is?”, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC. June 23, 2014. Presenters: Phyllis Patrick, Nassar Nizami, Dennis Schmidt.
  • “Vendor Management in Business Associate Relationships:  Assuring Compliance Down the Chain”, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC. June 23, 2014. Presenters:  Phyllis Patrick, Rebecca Fayed.
  • “Meaningful Use + HIM = Quality Informatics”, Health Information Management Association of New York City (HIMANYC), New York, NY May 9, 2014.
  • “Meaningful Use Audit Process:  Focus on Outcomes and Security”, The Twenty second National HIPAA Summit, Washington, DC. February 5 – 7, 2014.
  • “Security, Privacy, Breach, Enforcement – We’re not in Kansas anymore!”, New England Healthcare Internal Auditors, Groton, CT.  December 4, 2013.
  • “Meaningful Use:  Risks and Opportunities”, Health Care Financial Management Association, Hudson Valley Chapter, Fishkill, NY.  November 21, 2013.
  • “Mobile Technology:  An Auditor’s Tool Kit for Understanding Risks and Opportunities”, Association of Healthcare Internal Auditors Conference, Chicago, IL.  August 26, 2013.
  • “Genetic Privacy: New Challenges and Future State”, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC. May 6 – 8, 2013. (Presenters: Phyllis Patrick, Kristin Ahearn, Mark Robson, MD).
  • “The Next Generation of Auditing and Monitoring Programs: Challenges and Best Practices”, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC. May 6 -8, 2013. (Presenters: Phyllis Patrick, Nassar Nizami and Laura Osborn).
  • “Basic Training for Privacy and Information Security Professionals”, Pre-conference Workshop, AAMC Security and Privacy Conference, sponsored by NCHICA and AAMC, Chapel Hill, NC. May 5, 2013. (Presenters: Karen Pagliaro-Meyer and Phyllis Patrick).
  • “The Omnibus Rule: New Requirements and Preparations”, Seminar Series sponsored by Kaufman, Borgeest, & Ryan LLP and Phyllis A. Patrick & Associates LLC, New York, NY. April 14, 2013 and IIselin, NJ. April 19, 2013. (Presenters: Margaret Davino and Phyllis Patrick).
  • “Preparing for OCR and MU Audits: What the Finance Professional Needs to Know”, sponsored by HFMA Metro New York, New York, NY. April 12, 2013.
  • “Privacy and Security Boot Camp for Researchers”, ExL Pharma Clinical Billing and Research Compliance, Annual Conference, Louisville, KY. March 20, 2013. (Presenters: Phyllis Patrick, Martha Adams, MD).
  • “Meaningful Use in Research and EMRs: Implications for Your Organization”, ExL Pharma Clinical Billing and Research Compliance, Annual Conference, Louisville, KY. March 18, 2013.
  • “Information Security in 2016: What will your program look like?”, The Twenty-First National HIPAA Summit, Washington, DC. February 19 – 20, 2013.
  • “Are you Audit Ready? Survival Strategies and 22 Steps to Audit Readiness”, and “HIPAA Breaches: Ask an Expert”, Seminar Series sponsored by Phyllis Patrick & Associates LLC and Nixon Peabody, LLP. New York, NY. January 22, 2013. Presenters: Phyllis Patrick, Debora Marsden, and Lindsay Maleson.
  • “The HIPAA/HITECH Final Rule: Data Protection Goes to 10 on the Richter Scale”, New England Healthcare Internal Auditors, Groton, CT; December 6, 2012.
  • “Recent Developments in Subject Data Privacy and Security”, MAGI’s Clinical Research Conference – 2012 West, San Diego, CA, October 22, 2012.  Presenters:  Phyllis Patrick and Sandra Sather
  • “Meaningful Use:  The HIM Professional Brings Value and Leadership”, Oregon Health Information Management Association, Portland, OR, September 14, 2012.
  • “Step it UP:  Your Privacy and Information Security Program in 2015”, Oregon Health Information Management Association, Portland, OR, September 14, 2012.
  • “What the Finance Professional Needs to Know About Meaningful Use”, Health Care Financial Management Association, Hudson Valley Chapter, Fishkill, NY; September 13, 2012.
  • “Auditing Social Media: Avoiding Risk and Providing Value”, Association of Healthcare Internal Auditors, National Conference, Philadelphia, PA; August 27-29, 2012.
  • “Managing the Consenting Process in Health Information Exchange”, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC.  April 24, 2012.  Presenters:  Phyllis Patrick, Irene Koch, Nance Shatzkin.
  • “Late Breaking Topics in Privacy and Security that May Affect the Research Community”, AMC Security and Privacy Conference, sponsored by NCHICA and AAMC, Chapel Hill, NC, April 25, 2012 (presenters: Martha Adams, M.D., and Phyllis Patrick).
  • “Basic Training for Privacy and Information Security Professionals”, pre-conference workshop, AMC Security and Privacy Conference, sponsored by NCHICA and AAMC, Chapel Hill, NC, April 22, 2012 (presenters: Karen Pagliaro-Meyer and Phyllis Patrick).
  • “Managing Security Concerns with HIE and Business Associates”, The Twentieth National HIPAA Summit, Washington, DC. March 27, 2012.
  • “How will HITECH Affect Your Research Program?”, ExL Pharma Clinical Billing and Research Compliance, Annual Conference, Las Vegas, NV, March 6, 2012.
  • “Managing Stakeholder Relationships: Who Owns Security?”, Virginia Alliance for Secure Computing & Networking (VA SCAN), Annual Conference. Williamsburg, VA. October 6, 2011. Presenters:  Wayne Martin and Phyllis Patrick.
  • “Security and Privacy Program Governance in the HITECH Era”, HIPAA Summit West, San Francisco, CA. September 21, 2011.
  • “Audit Planning + Audit Savvy = Audit Readiness for OCR”, Association of Healthcare Internal Auditors, National Conference, San Diego, CA. September 9, 2011.
  • “How Do I Do My Job While Meeting Privacy and Rules?”, Workshop for Nursing/Utilization Review at Palomar Pomerado Hospital, San Diego, CA. September 6, 2011.
  • “Compliance for the Finance Professional:  Passing New York’s Audit Requirements”, Healthcare Financial Management Association of the Hudson Valley, Summer School for Finance Professionals, Fishkill, NY. July 21, 2011.
  • “Is Your Compliance Program Ready for the Mandated OCR Audit Program?”, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill. NC, May 24, 2011.
  • “HIPAA/HITECH Training for New Privacy and Security Professionals”, Pre-conference workshop, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC, May 22, 2011. Presenters:  Karen Pagliaro-Meyer and Phyllis Patrick.
  • “Social Media in Health Care:  Privacy and Security Issues”, Greater New York Hospital Association, New York, NY. May 19, 2011.
  • “Privacy and Security:  Achieving Meaningful Use”, Health Care Compliance Association 2011 Annual Institute, Orlando, FL. April 11, 2011. Presenters:  Phyllis Patrick and Kelly Willenberg.
  • “Getting Ready for Required OCR Audits and the Required Audit Program Mandated by HITECH”, The Nineteenth National HIPAA Summit, Washington, DC. March 10, 2011.
  • “Meaningful Use Considerations for Privacy and Security”, Greater New York Hospital Association, New York, NY. February 3, 2011.
  • “Use IT or Lose IT:  Complying with HIPAA/HITECH and EHR Requirements to Achieve Healthcare Reform”, Healthcare Financial Management Association (HFMA)/New Jersey Chapter and Health Information Management Systems Society (HIMSS)/NJ Chapter, East Windsor, NJ. January 18, 2011.
  • “HITECH/HIPAA/Electronic Medical Records/Meaningful Use/Breach Notification – What Actions Should Hospitals and Physicians Take Right Now?”, Seminar Series sponsored by Kaufman, Borgeest, & Ryan LLP and AP Health Care Compliance Group LLC, Iselin, NJ. December 15, 2010. Presenters:  Margaret Davino and Phyllis Patrick.
  • “How to Perform a Privacy and Security Assessment, including HITECH and Meaningful Use Readiness”, New England Healthcare Internal Auditors, Mystic, CT, December 1-3, 2010.
  • “HITECH/HIPAA/Electronic Medical Records/Meaningful Use/Breach Notification – What Actions Should Hospitals and Physicians Take Right Now?”, Seminar Series sponsored by Kaufman, Borgeest, & Ryan LLP and AP Health Care Compliance Group LLC, New York, NY. November 16, 2010. Presenters:  Margaret Davino and Phyllis Patrick.
  • “Security Issues and Solutions Relating to Social Media in Health Information Exchange”,  HIPAA Summit West, San Francisco, CA. October 4, 2010.  Presenters: Phyllis Patrick and Angel Hoffman.
  • “Meaningful Use and Impact on Privacy and Security”, Pre-conference Focus Group, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC. June 7, 2010. Facilitators:  Wayne Martin and Phyllis Patrick.
  • “Stop Thief!  How AMCs are Handling Compliance with Identity Theft and the Red Flags Rule”, AMC Security and Privacy Conference, sponsored by NCHIA and AAMC, Chapel Hill, NC. June 9, 2010. Presenters:  Phyllis Patrick, Aviva Halpert, James DiDonato.
  • “Evaluating Your Information Security Program”, The Eighteenth National HIPAA Summit, Washington, DC. February 3, 2010. Presenters: Phyllis Patrick and Angel Hoffman.
  • “HIPAA Privacy and Security Compliance Professional Roundtable:  Advanced Issues in HIPAA Compliance”, The Eighteenth National HIPAA Summit, Washington, DC.     February 4, 2010. Presenters:  William R. Braithwaite, MD, PhD, Judi Hofman, Debbie Mikels, Phyllis Patrick.
  • “Conflict of Interest:  It’s a New Game”, Healthcare Financial Management Association, Metro New York Chapter, New York, NY.  July, 2009.  Presenters:  Phyllis Patrick, Thomas Flynn, Robert Mayer.
  • “Re-Thinking Risk Assessment:  Are You Counting the Ants While the Elephants Run By?”, HCCA Annual 2009 Compliance Institute, Las Vegas, NV. April, 2009.   Presenters:  Karen Murray, Phyllis Patrick, Stephen Gillis, Kelly Sauders.
  • “An Overview of How AMCs are Managing Data in an Increasingly Complex Regulatory Environment”, Academic Medical Centers Security and Privacy Conference, North Carolina Healthcare Information and Communications Alliance, Inc. (NCHICA), Chapel Hill, March, 2009. Presenters:  Angel Hoffman, Phyllis Patrick, Sharon Budman, I. Ramsingh.
  • “Tools for More Efficient and Effective Compliance:  The What, How & How Much; Ways to Improve Compliance ROI”, Academic Medical Centers Security and Privacy Conference, North Carolina Healthcare Information and Communications Alliance, Inc. (NCHICA), Chapel Hill, NC. March, 2009. Presenters:  Phyllis Patrick, Angel Hoffman, Julianne Tenney.
  • “Compliance 101”,  AHLA/HCCA Fraud and Compliance Forum, Baltimore, MD.  October, 2008. Presenters:  Karen Murray, Phyllis Patrick.
  • “The New Compliance Environment:  Hot Topics from the Provider Perspective”,  Healthcare Financial Management Association, Metro New York Chapter, New York, NY. November, 2008. Presenters:  Laurie Radler, Phyllis Patrick, Karen Pagliaro-Meyer, Elizabeth Herbert.
  • “Conflict of Interest:  A Common Sense Approach for Assessing and Managing Disclosures”,  New England Healthcare Internal Auditors, Newport, RI. December, 2007.
  • “A Common Language for Compliance Audits”, Academic Medical Center Security and Privacy Conference, North Carolina Healthcare Information and Communications Alliance, Inc. (NCHICA), Chapel Hill, NC.  June, 2007.  Presenters:  Phyllis Patrick, Joan Podleski, Julianne Tenney.

Publications

  • “HIPAA Security Risk Analysis:  How do your Tools and Approaches Measure Up?”, CT Scanner, Healthcare Financial Management Association, Connecticut Chapter Newsletter, April, 2014.
  • “Managing Risk through PHI Mapping: Do You Know Where Your Data Are?”, New Perspectives, Association of Healthcare Internal Auditors, Spring 2014
  • “Preventing Data Breaches: Lessons Learned from Recent Cases”, CT Scanner Healthcare Financial Management Association, Connecticut Chapter Newsletter, January 2014.
  • The Meaningful Use Program: Auditing Challenges and OpportunitiesNew Perspectives, the journal of the Association of Healthcare Internal Auditors, Spring 2013
  • “Consolidation Strategies:  Don’t Forget Security and Privacy Due Diligence!”, CT Scanner, Healthcare Financial Management Association, Connecticut Chapter Newsletter, October, 2013.
  • “The Omnibus Rule:  Focus on Business Associates”, CT Scanner, Healthcare Financial Management Association, Connecticut Chapter Newsletter, July, 2013.
  • The Omnibus Rule:  A Compliance Checklist”, CT Scanner, Healthcare Financial Management Association, Connecticut Chapter Newsletter, March, 2013.
  • “Meaningful Use Incentive Program Update: State 2 Ups the Game for Security”, Managing Health Today, Healthcare Financial Management Association, Hudson Valley (NY) Chapter Newsletter, October 2012.
  • “How Cloudy is Your Future?  Security Compliance Considerations in Cloud Computing”, CT Scanner, Healthcare Financial Management Association, Connecticut Chapter Newsletter, July, 2012.
  • “Is Your Organization Ready for an OCR Privacy and Security Audit?“, CT Scanner, Healthcare Financial Management Association, Connecticut Chapter Newsletter, March 2012.
  • “Achieving Meaningful Use While Meeting Privacy and Security Requirements”, New Perspectives, Association of Healthcare Internal Auditors, Winter 2011.
  • “The Medicaid Meaningful Use Program: A Primer for Connecticut Physicians and Eligible Professionals”, CT Scanner, Healthcare Financial Management Association, Connecticut Chapter Newsletter, December 2011.
  • “The Myths of Meaningful Use and How to Protect Your Incentive Payments”, CT Scanner, Healthcare Financial Management Association, Connecticut Chapter Newsletter, October, 2011.
  • “It’s Not Just About the Money:  Information Security Risk Analysis is Key to Obtaining EHR Incentive Funds”, Managing Health Today, Healthcare Financial Management Association, Hudson Valley (NY) Chapter Newsletter, June, 2011.
  • “Privacy and Security Implications of Meaningful Use for Health Care Providers”, published by the North Carolina Healthcare Information and Communications Alliance, Inc. (NCHICA).  Prepared by: Phyllis A. Patrick, MBA, FACHE, CHC and Wayne S. Martin, MS, CISA, CISM, CISSP and based on deliberations of the NCHICA Meaningful Use Work Group, October, 2010.