HIPAA compliance expectations from Small Healthcare Providers

For The Health Information Portability and Accountability Act (HIPAA), the Business Associate is a major component. According to HIPAA, a Business Associate (BA) is an organization or a person who works with or provides service to a Covered Entity. A CE is one who handles or discloses Protected Health Information (PHI). This makes a Business Associate any person or entity that is involved in creating, receiving, maintaining or transmitting PHI to a CE for a purpose or activity or function as mandated and regulated by the HIPAA Privacy Rule.

Small businesses struggle with meeting HIPAA requirements

There are specific requirements that small healthcare practices need to put in place and to show that their program is current and meets the regulatory requirements set out in HIPAA. They need to conceive and implement a HIPAA compliance program that meets the requirements set out in this legislation. The compliance program should not only be adequate; it should be robust and resilient enough to withstand HIPAA’s strict scrutiny at various levels.

Helping small healthcare providers with the knowledge and skill needed for meeting HIPAA requirements is the purpose of a two-day seminar that is being organized by GlobalCompliancePanel, a leading provider of professional trainings for all the areas of regulatory compliance. At this seminar, Jay Hodes, who is a leading expert in HIPAA compliance and President of Colington Consulting, which provides HIPAA consulting services for healthcare providers and Business Associates, will be the Director.

Want to get a complete understanding of the requirements that small healthcare providers need to meet to comply with HIPAA requirements? Just register for this learning session by visiting HIPAA compliance expectations from Small Healthcare Providers.

Full explanation of what all a small business provider needs to do

This seminar is particularly created for small healthcare providers who have a difficulty in understanding the HIPAA compliance requirements and meeting them. It will be useful for those of various business sizes, but is primarily focused on the small healthcare provider. Jay will impart the kind of teaching with which organizations will be able to meet all of the HIPAA, HITECH, and Omnibus Rules.

The basis to implementing the requirements of compliance program is to first fully understand them. This is the learning that this seminar will offer. At the end of two days of intense learning that will be interspersed with lively presentations; participants will have inculcated a full grasp of all of the requirements for a comprehensive HIPAA compliance program. They will also have got a clear understanding of the kind of steps that they need to take to mitigate risk.

Steps needed to develop, review and amend HIPAA

The Director will include practical exercises over these two days that will help participants know all that is needed for developing, reviewing, and amending HIPAA policy and procedure. He will equip the participants with a clear roadmap for what needs to be place when it comes to all of the HIPAA regulations.

Over the two days, Jay will cover the following areas:

o  Why was HIPAA created?

o  Who Must Comply with HIPAA Requirements?

o  What are the HIPAA Security and Privacy Rules?

o  What are the Consequences of being a Business Associate

o  What is a HIPAA Compliance Program for a Business Associate?

o  What is a HIPAA Risk Management Plan?

o  What is a HIPAA Risk Assessment?

o  What is the Role of the HIPAA Security Official?

o  What are HIPAA training requirements?

o  What is a HIPAA data breach and what happens if it occurs?

o  What are the penalties and fines for non-compliance and how to avoid them

o  Case Examples of HIPAA Data Breaches

o  Creating a Culture of Compliance

o  Q&A.

Change Control is at the core of GMP Compliance

Change Control is among the areas for which the highest numbers of FDA 483’s get issued. Documentation and evaluation of Change Control are of critical importance to an effective Quality System program. Along with Out of Specification, Change Control has been a regular in the list of the 10 most cited GMP regulations for the past five years. If the nature and number of these citations are any indication, there is no reason to believe that this is going to change.

What happens when the FDA issues 483’s or take other types of penal actions against companies? There could typically be recalls, penalties and even resignations of personnel who hold high positions in the company. Yet, it is the company itself that is to blame for inviting citations from the FDA. If they have an understanding of how to handle Change Control and OOS properly and know how to document them, they can hold their head high and confidently go about their business.

Getting Change Control documentation right

Documentation and evaluation of changes made to validated equipment, utilities, processes and controlled documents are imperative to an effective quality system program, along with several regulatory requirements.

Controlling this process requires one to have a defined Change Control procedure that outlines responsibilities and documentation requirements, along with a form in which to record required information.

The success of a Change Control program and its ability to assure regulatory auditors that the laboratory’s equipment, utilities and systems remain in a state of control are determined by the effectiveness of these items.

A full and in-depth understanding of Change Control 

All the aspects of Change Control, its documentation and the ways of handling OOS will be the teaching a seminar from GlobalCompliancePanel, a leading provider of professional trainings for all the areas of regulatory compliance, will offer.

Kenneth Christie, who is the chief operating officer for VTS Consultants, Inc. and has over three decades of experience in sterile manufacturing and regulatory GMP consulting in the areas of quality assurance and validation management in the pharmaceutical and biotechnology industries, will be the Director of this seminar.

In order to gain complete knowledge of all the aspects of Change Control and OOS, please register for this seminar by visiting Change Control is at the core of GMP Compliance. This seminar has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion.

Focus on the major aspect of Change Control and documenting it, and handling OOS

At this seminar, Kenneth will concentrate on three major points:

o  The regulatory requirements for Change Control, along with what this change applies to

o  The ways of developing a Change Control SOP that will define what is required, along with the responsibilities, and how to quickly provide summaries of changes to investigators

o  Some of the common deficiencies cited by regulatory auditors.

Leading to insights needed to ask the right questions

Kenneth will also offer insights into the multiple benefits that a well maintained Change Control program brings to a company. He will also explain when Change Control is not required to be reviewed. The point of touching upon all these areas is that the participants will be equipped with the insight needed for asking questions on issues relating to their own Change Control procedure.

Just as things change over time, not all results from laboratories, equipment qualifications and product testing will meet defined acceptance criteria, and are subject to change over time. When this happens, companies must first determine the cause, take the required corrective actions and then implement actions to prevent their recurrence.

Preventing recurrence

The effectiveness of these actions lies in how far it is able to determine the root cause. If this is not done, no action can prevent their recurrence. Kenneth will teach how to conduct such investigations and what to expect from these investigations. He will focus on the FDA Guidance document in doing this. Actual case studies will be explained to strengthen the understanding of the various topics that are covered over these two days.

Professionals who work in any of the areas of Quality System and those whose work is related to Change Control in one or another way will benefit from this session. These include Quality Assurance, Quality Control, manufacturing, production, regulatory, laboratory personnel, management and equipment vendors.

Quality by Design using Design of Experiments

The Q8, which is the ICH guidance document on pharmaceutical development, requires a drug product to meet its intended product performance as well as the needs of patients. A drug product is encouraged to adapt a systematic approach for pharmaceutical development in accordance with the steps defined by Quality by Design (QbD) principles, even though the strategy may vary from company to company or from product to product.

The ICH has offered further guidance and policies for explaining the ways by which the QbD approach should be integrated into the pharmaceutical Quality System. Some of these are:

o  Process design

o  Qualification

o  Continued process verification

o  Risk management

o  Validation.

Laxity in implementation is no longer an option

Despite the issuance of guidance on implementation of these requirements; many companies have not yet implemented QbD into their Quality Systems. This will change soon, though. Regulatory agencies have been taking a serious view of non-implementation of these requirements.

The ways in which reviewers will begin to enforce the requirements from these guidance documents have been spelt out in the manual the Chemistry, Manufacturing, and Controls (CMC) reviewers in the Office of Pharmaceutical Science (OPS) released on policies and procedures (MAPP).

The zeal with which the regulatory agencies will enforce compliance with the requirements of the QbD requirements has been emphasized also by the Director of the Center for Drug Evaluation and Research (CDER) at the FDA, who detailed the concept and reiterated the importance of using a QbD approach to pharmaceutical development in a paper he co-authored in The American Association of Pharmaceutical Scientists in May 2014.

Understand the ways of implementing QbD

In the light of the fact that a drug product can no longer afford to relax in its adherence to steps defined by Quality by Design (QbD) principles to adapting a systematic approach for pharmaceutical development; a meaningful and educative two-day seminar from GlobalCompliancePanel, a leading provider of professional trainings for the areas of regulatory compliance, will show the ways of doing this.

At this seminar, Heath Rushing, who is the cofounder of Adsurgo LLC and co-author of the book Design and Analysis of Experiments by Douglas Montgomery: A Supplement for using JMP, will be the Director. To gain complete insight into how to implement QbD, please register for this seminar by visiting Quality by Design using Design of Experiments. This seminar has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion.

Complete learning on QbD using DoE

The core purpose of this session is to demonstrate how to integrate those QbD principles into a pharmaceutical Quality System. Towards this end, Heath will focus on how to establish a systematic approach to pharmaceutical development that is defined by Quality-by-Design (QbD) principles using Design of Experiments (DoE).

He will also take up the application of statistics for setting specifications, assessing measurement systems (assays), developing a control plan as part of a risk management strategy, and ensuring process control/capability for detailed description. All concepts are taught within the product Quality System framework defined by requirements in regulatory guidance documents.

A systematic understanding of the process

A QbD approach for pharmaceutical development studies should include a systematic understanding of the process. It should then use this understanding to establish a control strategy as part of a comprehensive quality risk management program. This systematic understanding should include both identification of significant process parameters and determination of a functional relationship (mathematical model) linking these significant process parameters to the critical Quality Attributes (CQAs). Heath will discuss these in depth.

Despite the thrust of this seminar on the use of DoE for QbD; it will integrate multiple aspects of QbD. An understanding of the relevant applied statistics will be offered, which will help participants understand how statistics can be used to help in two foundational requirements of QbD: A) Setting specifications, and B) Analyzing measurement systems.

Important tools for facilitating understanding

This seminar will also offer tools to participants, which will help them to derive value out of their designed experiments. Generating and analyzing both screening and response surface designs for QbD studies, the ways of using this information: best practices on presentation, setting control plans, constructing control charts, and evaluating process capability are among the other constituents of this course. This course uses the point-and-click interface of JMP software for analyses.

Heath will cover the following areas at this seminar:

o  Implement QbD principles from discovery through product discontinuation

o  Apply statistics to set specifications and validate measurement systems (assays)

o  Utilize risk management tools to identify and prioritize potential Critical Process Parameters

o  Identify Critical Process Parameters and develop a functional relationship between those process parameters and your Critical-to-Quality Attributes (CQAs)

o  Establish your design space

o  Develop a control plan as part of a risk management strategy

o  Ensure your process is in (statistical) control and capable.

Writing and implementing effective SOP’s

Utmost thoroughness and diligence need to go into writing and implementing effective SOP’s. This is because Standard Operating Procedures are to be designed keeping the exact and fullest details of the task that is to be described. It is a very detailed art as it has to take everything into consideration and leave nothing to chance.

Even the smallest errors or discrepancies or divergences can lead to problems with the product usage. In the context of a laboratory, even with all the details that are standard; details pertaining to the exact situation of the laboratory need to be described. An SOP for even a standardized method such as ASTM or IP can be written insufficiently.

Writing is just one part of the job

If writing an SOP is one job; implementing it is another. Maintaining and assessing are yet other parts of the job. And then, there is the task of revising the SOP if needed. All these are related jobs, but are independent of each other and require different sets of people with their own qualifications and experience to handle.

The need for writing SOPs effectively is best understood in light of the fact that a poorly written and enforced one is among the most common cases of noncompliance that auditors detect.

A seminar on getting writing of SOPs right

The ways of implementing the correct means of writing SOPs for a laboratory will be taught at a seminar that GlobalCompliancePanel, a leading provider of professional trainings for all the areas of regulatory compliance, will be organizing.

The seminar will have John C. Fetzer, who is Founder and Principal Consultant, Fetzpahs Consulting, as Director. John brings over 30 years of experience in HPLC methods development. He has authored or co-authored over 50 peer-reviewed papers on liquid chromatography and has served on the editorial advisory boards of the Journal of Chromatography, Analytical Chemistry, and Analytical and Bio analytical Chemistry.

To gain clear understanding of how to write SOPs that are effective in both helping those working in the laboratory understand how to put it to effective use and are capable of passing compliance requirements, please enroll for this seminar by visiting Writing and implementing effective SOP’s. This seminar has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion.

Description of all the steps

At this seminar, John will describe the complex, but necessary steps both within the laboratory and within the supporting areas for implementation and revision of an SOP. Recordkeeping, safety and training are some of these steps.

John will also describe the reasons for which even standardized methods get insufficiently written. He will explain the steps needed to convert a standard method into an SOP. Laboratory workers, supervisors, managers of a laboratory seeking or under GLP or ISO 17025, and other involved in SOPs, such as Research Associates, Lab Chemists, Lab Supervisors and Quality Officers will derive high value from this seminar.

Over the two days of this seminar, John will cover the following areas:

o  What is the intention and role of SOPs? What tasks require SOPs? The network of SOPs within the Lab

o  What are the compliance requirements for an SOP? Roles and responsibilities. Can a Standard method be used as an SOP?

o  Creating an SOP. For a new task. For a Standard method. Reviewing the first attempt

o  Creating an SOP. For a new task. For a Standard method. Reviewing the first attempt (continued)

o  Interplay within the lab to improve the draft SOP Iterations?

o  Implementation of the SOP

o  Monitoring and Assessing the SOP. When should an SOP be revised? Revising the SOP.

o  Archiving and documentation. Which SOP to use when? Other requirements.