Get ahead of 2025 compliance changes and avoid costly mistakes with this brand-new 3-part HIPAA compliance training series—designed exclusively for medical practices like yours.
Inside this series, four healthcare compliance experts, Iliana Peters, Brian L. Tuttle, Daphne Kackloudis, and Ashley Watson, will provide you with clear, actionable steps to:
- Text patients without violating HIPAA
- Implement 2025’s updated Security & Privacy Rule changes
- Prevent $50,000 fines from mishandling medical records
Don’t miss this chance to enhance your compliance skills. Register today to protect your practice, your patients, and your bottom line.
SAVE 15% INSTANTLY!
Order your 3-Part series in the next 5 days, and you’ll save an additional 15% off the total cost. Discount is already reflected. No code is necessary. Or, if you prefer, you can order each session individually at the regular rate. ORDER TODAY!
PART 1: New HIPAA Compliant Texting Guidance: Avoid Audits & Penalties
Available Immediately, Choose the On-Demand Recording to Watch at Your Convenience.
Communicating patient information via text and email may be convenient, but it can also be very dangerous — particularly in light of CMS’ update to the rules around texting patients.
Federal and State HIPAA laws significantly restrict how you utilize text and email when transmitting patient data. Failure to comply with these complex rules can leave you exposed to a HIPAA audit and significant financial penalties.
Don’t make the mistake of thinking that only hospitals get targeted for a HIPAA violation and end up paying penalties. That was certainly the case in the early years of HIPAA enforcement. However, recently, 74% of penalties were imposed on practices just like yours.
The good news is that you can avoid massive federal and state HIPAA violation fines and penalties with a few simple changes to your current processes. But only if you can identify the danger zones. Figure out how by attending this upcoming online training being presented by the former Head of the HIPAA program for the Department of Health and Human Services, Office for Civil Rights, Iliana Peters, JD, LLM, CISSP.
During this online training, Iliana will walk you through exactly how to prevent federal and state violations and fines because of noncompliance with emailing and texting HIPAA laws. You’ll be surprised by what can land you in serious trouble.
Here are just a few of the practical, step-by-step tactics you’ll receive that will help you protect your practice from being penalized for HIPAA compliance violations related to emailing and texting patient information:
- Discover what CMS’ memo requires if you plan to text patients
- Choose the safest communication method: patient portal vs. email communications
- Protect yourself from HIPAA violations with one simple item added to your emails
- Identify when you can send PHI via email – or if you ever should
- Stop the worst internal text message HIPAA violators from sinking your practice
- Prevent private email use (i.e., Gmail, Yahoo etc.) from ending in catastrophe
- Improve HIPAA security for all of your messaging easier than you thought possible
- And so much more…
PART 2: Avoid Fines: Ace NEW 2025 HIPAA Security & Privacy Updates
Available Immediately, Choose the On-Demand Recording to Watch at Your Convenience
The clock is ticking. Changes to the HIPAA Security Rule in 2025 will make it easier than ever for auditors to catch violations. The result? More fines. Bigger penalties. And for many practices, the potential for severe financial pain.
Here’s the truth: HIPAA breaches aren’t a question of “if” — it’s “when.” Between 2022 and 2024, more breaches were reported than in the entire history of HIPAA combined. The government is cracking down—and no practice is too small to escape their radar.
And now, with the 2025 updates, keeping up with the rules has never been harder. Audits are tougher. Enforcement is stricter. And the risks? Sky-high. But you don’t have to face this alone.
Meet Brian L. Tuttle: The HIPAA Expert You Need
Brian L. Tuttle (CPHIT, CHP, CHA, CBRA, CISSP, CCNA) is a nationally recognized HIPAA Security and Privacy expert. Brian is hosting a 60-minute training session to help you survive the new 2025 HIPAA Security requirements.
Brian will utilize actual enforcements to help you identify and avoid the biggest risks to your practice. This is your chance to learn exactly how to protect your practice from costly penalties—and stay ahead of the changes.
What You’ll Learn: Actionable Strategies to Safeguard Your Practice
This session goes beyond the basics. You’ll walk away with actionable HIPAA Security compliance tactics to shield your practice from breaches, audits, and fines. Here’s a sneak peek at what you’ll take away from this session:
- Avoid costly mistakes with your EHR and telehealth platforms
- Uncover hidden cyberattack vulnerabilities you’ve likely overlooked
- Learn what auditors are targeting—and how to ensure you’re compliant
- Revamp your Notice of Privacy Practices to meet new 2025 standards
- Pin down how your state HIPAA laws could override federal rules
- Head off common errors with email, texting, and waiting room protocols
- Implement must-have portable device policies to avoid breaches
- Master new Protected Health Information (PHI) definition to comply
- Overcome OCR deadline confusion to respond on time and prevent penalties
- Avert Wi-Fi router loopholes that can get you into massive trouble
- And much more…
PART 3: Avoid Medical Record Destruction Mistakes and $50,000 Fines
Available Immediately, Choose the On-Demand Recording to Watch at Your Convenience.
Failing to follow medical records destruction rules can cost you up to $50,000 per violation. Recent changes by the Supreme Court now require you to keep records for 10 years instead of 6, unless your state demands more. This means you need to update how you manage, store, and destroy records to avoid hefty HIPAA penalties. Both paper and digital files are at risk.
Join healthcare attorneys Daphne Kackloudis, JD, and Ashley Watson, JD, for a 60-minute online training. They’ll explain the latest changes in medical records destruction and retention rules in clear, simple terms, helping you stay compliant and avoid significant fines.
In this essential session, you’ll learn:
- A plain-English breakdown of the Supreme Court’s ruling on the False Claims Act statute of limitations.
- Strategies to prevent patient complaints about records retention, the #3 cause of violations.
- How to avoid fines when mailing lab and other PHI.
- Steps to update your medical records destruction policies.
- Best practices for storing both digital and physical records.
- How to manage accidental destruction or loss of records due to natural events.
- Policies to ensure timely destruction of records.
- A checklist to identify often-overlooked PHI, such as no-show patient records and attorney requests.
- The differences between state and federal requirements and simple compliance methods.
- How to handle tricky-to-destroy items like texted photos.
- What HIPAA requires you to retain and destroy, and when.
- Documentation essentials to avoid penalties.
100% Satisfaction Guaranteed or a Full Refund.
You take no risk whatsoever. If you find this essential session doesn’t meet your expectations or you are not satisfied for any reason, simply let us know.
Access Over 200 Expert-Led Online Trainings with an Annual Subscription!
Learn More >>
Live & 24/7 on-demand learning for everyone at your location.
Iliana believes good data privacy and security are fundamental to ensuring consumer participation in new technologies, employee-employer relationships, patients’ trust in the health care system, students’ confidence in their education, and helping all clients succeed in an ever-changing landscape of threats to data security. She is recognized by the health care industry as a preeminent thinker and speaker on data privacy and security, particularly with regard to HIPAA, the HITECH Act, the 21st Century Cures Act, the Genetic Information Nondiscrimination Act (GINA), FERPA, the Privacy Act, state law data privacy and security requirements, and emerging cyber threats to data.
For many years, Iliana both developed information privacy and security policy, including on emerging technologies and cyber threats, for the Department of Health and Human Services, while coordinating with the Department of Justice, Department of Education, other federal agencies, State Attorneys General and the White House. She enforced HIPAA regulations through spearheading multimillion-dollar settlement agreements and civil money penalties pursuant to HIPAA.
She also focused then on training individuals in both the private and public sector, including compliance investigators, auditors, and State Attorneys General, on federal and state regulations and policy, and on good data privacy and security practices. Now, Iliana works closely with her clients on complicated compliance questions, incident response, investigations, and training to protect data and avoid legal risk and legal liability, both at the state and federal levels. ILIANA also supports clients’ defense of individual and class action litigation related to all types of data privacy, security and breach claims.
As a CISSP, she works hard to bridge the gap between legal requirements for the security of health data and security industry best practices, so that clients can better understand data security issues and jargon. ILIANA enjoys using her extensive experience drafting, implementing, and enforcing health privacy and security regulations and guidance in a practice that focuses on helping clients develop and implement good data privacy and security practices to avoid risk, and helping clients prepare for and recover from emerging cyber threats.
Brian is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 17 years’ experience in Health IT and Compliance Consulting.
With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 17 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR.
Daphne L. Kackloudis is a member of the firm, she heads BMD Columbus’ health care practice, and she chairs BMD’s Empowerment and Opportunity (DE&I) Committee. Daphne’s success –and that of her clients – is rooted in the nexus between traditional health care legal services and health care public policy. She has broad and deep experience in health care operations, service delivery, payment systems, and compliance, as well as Medicaid, public policy, and government affairs. Daphne advises health care trade associations and health care providers as outside counsel and in-house as a member of her clients’ senior leadership teams.
Ashley is Assistant General Counsel at a large hospital network in Columbus, Ohio. Prior to this, Ashley was a healthcare attorney in BMD’s Columbus office. She worked with nonprofit and for-profit health care providers, health care trade associations, individuals, and businesses. Ashley is experienced in healthcare public policy and regulatory compliance, legislative and government affairs, grant administration, and healthcare program operations.
