Course Description

As Academic Medical Centers and Universities move in a direction to reduce costs and redundancies, unique challenges surface relating to the use and disclosure of protected health information for research. The lines become blurred when each is under common control and ownership and a shared services business model exists for certain functions. The key is the separation of responsibilities of the Institutional Review Board (IRB) and the Privacy Board, in relation to the data sets derived from the AMC’s electronic health records. The presentation will discuss the steps that VCU Health System has undertaken to address the challenges, leverage shared services, streamline processes for Principal Investigators, and develop practices to comply with the requirements of the HIPAA Privacy and Security Rules.

Course Curriculum

  • 1


    • Presentation

    • Slides


VP, Chief Compliance & Privacy Officer, VCU Health System

Jill McCormack

Prior to serving in this role, Jill spent ten years in Compliance Services at VCUHS. Her professional areas of interest are patient privacy, physician engagement, and organizational dynamics and change. Prior to coming to the health system, Jill worked in the sports medicine profession as a certified athletic trainer for ten years. She earned her MS in Health Administration from Medical College of Virginia, Masters of Education from Auburn University, and BA in Sports Sciences from UNC. She also holds a certification in Healthcare Compliance.

Senior Principal Consultant & Chief Privacy Officer, Clearwater

Dawn Morgenstern

Dawn provides professional consulting services related to the development of HIPAA policies and procedures, HIPAA compliance and/or security controls gap remediation, Business Associate management,etc. She has experience in health care systems, including hospitals. She earned her BA in Business Administration from Columbia College and MBA from Webster University, and maintains certification in Healthcare Privacy Compliance (CHPC).