HIPAA 2022: You’ve Got Questions, We’ve Got Answers

HIPAA 2022: You’ve Got Questions, We’ve Got Answers

Webinar On Demand
Continue to Course
Online Course | Specialties: Family Medicine, Hospitalist, Internal Medicine
Released: 6/21/2022
Expires: 6/20/2023
Max Credits: 1.0

By clicking "Continue," you confirm that you have reviewed the CME information.

Continue Read Overview

Chris Bennington, JD
Epstein Becker Green
Cincinnati, OH

Marlene Icenhower, BSN, JD, CPHRM
Senior Risk Specialist, Coverys
Boston, MA

Elizabeth (Beth) A. Kastner, JD
Epstein Becker Green
Columbus, OH

Chris Bennington, JD
Managed care organizations and hospitals turn to Chris Bennington to represent them in matters involving fraud and abuse, data privacy and security, regulatory compliance, clinical research, Medicaid managed care, and managed care and vendor contracting. He has served as counsel to managed care organizations and hospitals before federal and state regulatory agencies, including the U.S. Department of Health and Human Services.

Attorney Bennington provides on-site training to clients and presents at healthcare law forums across the country on a wide assortment of regulatory and compliance matters, including the False Claims Act (FCA), the Health Insurance Portability and Accountability ACT (HIPAA), and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Marlene Icenhower, BSN, JD, CPHRM
Marlene Icenhower has more than 30 years of combined medical and legal experience in a variety of settings. She received both her Bachelor of Science degree and Juris Doctor degree from Saint Louis University in Missouri. With a background in professional liability litigation and regulatory compliance, she has extensive experience in advising clients in the healthcare industry regarding compliance with state and federal law and risk reduction techniques.

Prior to joining Coverys, Attorney Icenhower was the risk manager and patient safety officer for a medium-sized public hospital in Washington state. She has first chair trial experience and in-depth knowledge of the discovery process. Attorney Icenhower also has extensive experience regarding statutes applicable to public hospitals, case management, utilization review, and regulatory compliance. Her special interest is in the area of risk reduction strategies related to birth injury.

Elizabeth (Beth) A. Kastner, JD
Hospitals, hospices, and health plans turn to healthcare attorney Beth Kastner for advice on contractual arrangements as well as regulatory, operational, and compliance matters. She regularly advises clients on vendor/supply chain relationships, clinically integrated networks, and managed care contracting, including narrow networks, shared saving, and bundled payment models.

Attorney Kastner also routinely advises clients on compliance with health information privacy laws and healthcare fraud and abuse laws, with a particular emphasis on structuring compliant physician compensation arrangements.

Activity Planners
Mark J. Hakim, BS, MA, MBA, CPHRM
Director, Policyholder Education and Strategy
East Lansing, MI

Kathryn Schaefer, MSN, RN, CPHRM, CHCP, FASHRM
Associate Director, Systems-based Initiatives
East Lansing, MI

Learning Objectives
Upon completion, participants should be able to:

  • Recognize when sensitive information in a medical record needs to be redacted as part of a record request
  • Discuss the concerns related to sharing health information of a minor patient with a parent or guardian
  • Describe the documentation required in order to complete a release of records for a deceased patient

Target Audience
This webinar is intended for physicians, nurses, risk managers, quality managers, patient safety officers, performance improvement staff, administrators, pharmacists, legal counsel, front-line staff, and any other interested parties.

Statement of Need
The US Department of Health and Human Services Office for Civil Rights (OCR) regularly updates or modifies HIPAA rules governing access to protected health information (PHI) to reduce the compliance burden for healthcare entities and increase access for patients. However, the frequent changes and updates can create uncertainty among healthcare professionals (HCPs) and organizations. Questions arise about how to manage requests from third parties, government agencies, or law enforcement, how to respond to requests for sensitive information or PHI of minors and deceased patients, or which law applies when state and federal laws differ. Withholding or delaying the release of necessary information may negatively impact care decisions and patient outcomes.

Provided by Med-IQ, a Coverys company.
Accreditation/Designation Statements
Med-IQ is accredited by the Accreditation Council for Continuing Medical Education (ACCME) to provide continuing medical education for physicians.

Med-IQ designates this enduring material for a maximum of 1.0 AMA PRA Category 1 Credit™. Physicians should claim only credit commensurate with the extent of their participation in the activity.

Med-IQ is accredited as a provider of nursing continuing professional development by the American Nurses Credentialing Center’s Commission on Accreditation.

This nursing activity has been approved for up to 1.0 contact hour.

Nurse practitioners, physician assistants, and other healthcare professionals who successfully complete the activity will receive a Statement of Participation indicating the maximum credits available.

Instructions to Receive Credit
To receive credit, review the introductory CME/CNE material, watch the webinar, and complete the evaluation.

Complete your evaluations and click on the “Continue” button to download your certificate.

Initial Release Date: June 21, 2022
Expiration Date: June 20, 2023
Estimated Time to Complete This Activity: 60 minutes

Disclosure Policy
Med-IQ requires any person in a position to control the content of an educational activity to disclose all relevant financial relationships with any commercial interest. The ACCME defines "relevant financial relationships" as those in any amount occurring within the past 24 months, including those of a spouse/life partner, that could create a conflict of interest (COI). Individuals who refuse to disclose will not be permitted to contribute to this CME activity in any way. Med-IQ has policies in place that will identify and resolve COIs prior to this educational activity.

The faculty/presenters have no financial relationships to disclose.

Disclosure Statement
The content of this activity has been reviewed and has been approved for compliance. The faculty and contributors have indicated the following financial relationships, which have been mitigated through an established COI resolution process, and have stated that these reported relationships will not have any impact on their ability to give an unbiased presentation.

The reviewers and other activity planners have no financial relationships to disclose.
Statement of Evidence-Based Content
Educational activities that assist physicians in carrying out their professional responsibilities more effectively and efficiently are consistent with the ACCME definition of continuing medical education (CME). As an ACCME-accredited provider of CME, Med-IQ has a policy to review and ensure that all the content and any recommendations, treatments, and manners of practicing medicine in CME activities are scientifically based, valid, and relevant to the practice of medicine. Med-IQ is responsible for validating the content of the CME activities it provides. Specifically, (1) all recommendations addressing the medical care of patients must be based on evidence that is scientifically sound and recognized as such within the profession; (2) all scientific research referred to, reported, or used in CME in support or justification of a patient care recommendation must conform to generally accepted standards of experimental design, data collection, and analysis.
Med-IQ is not liable for any decision made or action taken in reliance upon the information provided through this activity.
Contact Information
For questions or comments about this activity, please contact Med-IQ. Call (toll-free) 866 858 7434 or email

System Requirements
For technical assistance, please refer to our Support Manual.

The information provided through this activity is for educational purposes only. This information is intended to provide general guidelines for risk management. It is not intended and should not be construed as legal or medical advice.

Privacy & Confidentiality
Med-IQ is committed to honoring your privacy and protecting any personal information you choose to share with us. For detailed information about our privacy policy, please visit:


Continue With Other Courses in This Series


Although it was first published by the Department of Health and Human Services almost 23 years ago, the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule is still resulting in questions, clarifications, and confusion. Join us and moderator Marlene Icenhower, BSN, JD, CPHRM as we discuss the common, and not so common, questions related to the Privacy Rule with attorneys Elizabeth Kastner and Chris Bennington from Epstein Becker Green. When they’re not taking questions from the audience, our panel members will discuss the Privacy Rule as it relates to minors, sensitive information, and deceased patients. The 2020 Ciox Health decision—and its impact on medical record copying charges—will also be discussed.

By clicking "Continue," you confirm that you have reviewed the CME information.


Unless otherwise indicated, photographed subjects who appear within the content of this activity or on artwork associated with this activity are models; they are not actual patients or doctors.

The information provided through this activity is for continuing education purposes only and is not meant to substitute for the independent medical judgment of a physician relative to diagnostic and treatment options of a specific patient’s medical condition.

COPYRIGHTED. Republication or redistribution of Med‑IQ content, including by framing, is prohibited without prior written consent. Med‑IQ shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.