HIPAA Breach Notification Rule – What you Must do to Comply

Wednesday, August 15 | 10:00 am - 11:00 am

Training Options Duration: 60 Minutes Wednesday, August 15, 2018 | 10:00 AM PDT | 01:00 PM EDT

Overview: Final regulations for the new HIPAA Breach Notification Rule require much more

than notifying individuals affected by a Breach of their Protected Health Information (PHI).

Covered Entities and Business Associates first must follow and document a very specific process

to determine if a Breach occurred. If no Breach occurred documentary proof must be kept for six

years. If a Breach did occur timely notifications and other actions must be undertaken and

documented.

This webinar will explain:

What Covered Entities and Business Associates must do to comply with the Breach Notification

Rule What is and is not a Breach Three exceptions – when an acquisition, access, use, or disclosure of PHI not permitted by the

Privacy Rule is not a Breach How to perform a Breach Risk Assessment to determine if you can demonstrate a low probability

that the PHI was compromised Who must be notified in case of a Breach When notifications must be provided What information must be contained in each notification Other requirements in case of a Breach Investigate Mitigate harm to affected individuals Protect against further Breaches Document everything Planning and preparation for the worst – public relations and mitigation strategies to limit

damage to the organization’s reputation and financial well-being

Why should you Attend: Breaches and incidents that might be Breaches happen all the time! More than 173,000 separate breaches of Protected Health Information (PHI) affecting less than

500 individuals were reported to the U. S. Department of Health and Human Services (HHS)

between September, 2009 and May 31, 2015 and in the same period HHS received approximately 1240

reports of PHI breaches that affected 500 or more individuals An acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is presumed

to be a Breach unless it falls within an exception or the Covered Entity or Business Associate

can demonstrate a low probability that the PHI was compromised Not all suspected Breaches are Breaches – but you must know the rules to assess each incident

and – when appropriate – prove it was not a Breach A Covered Entity or Business Associate has the burden to prove an acquisition, access, use, or

disclosure of PHI was not a Breach or, if a Breach occurred, that it made all required

notifications Prominent media outlets in the region must be notified of Breaches affecting 500 or more

individuals To preserve your organization’s reputation and limit its financial loss you must be prepared to

assess a suspected Breach and to respond properly and perhaps publicly when a Breach does occur Phishers, Hackers and Burglars are actively trying to get PHI – the FBI reported in 2014 that

medical identity sells for $50 on the black market compared to $1 for a credit card or Social

Security Number

Areas Covered in the Session: Breach Notification Rule Compliance Requirements What is defined as a Breach How to determine if a Breach occurred How to investigate and analyze the facts of an incident that is a Potential Breach How to do a Breach Risk Assessment to determine if there is a low probability of compromise to

PHI In case of a breach Who to notify When notification must be made What information must be in each notification Other things that must be done if a Breach occurred Documentation that must be kept of all activities associate with the Breach Notification Rule

Who Will Benefit: HIPAA Compliance Officials Top Management Health Care Provider Practice Manager Risk Manager – Compliance Manager Information Systems Manager Legal Counsel Health Care Public Relations Consultants

Speaker Profile Paul R. Hales received his Juris Doctor degree from Columbia University Law School and is

licensed to practice law before the Supreme Court of the United States. He is an expert on

HIPAA Privacy, Security, Breach notification and Enforcement Rules with a national HIPAA

consulting practice based in St. Louis. Paul is the author of all content in The HIPAA E-Tool,

an Internet-based, Software as a Service product for health care providers and business

associates.

Price – $139 Contact Info: Netzealous LLC – MentorHealth Phone No: 1-800-385-1607 Fax: 302-288-6884 Email: support@mentorhealth.com Website: http://www.mentorhealth.com/ Webinar Sponsorship: https://www.mentorhealth.com/control/webinar-sponsorship/ Follow us on : https://www.facebook.com/MentorHealth1 Follow us on : https://www.linkedin.com/company/mentorhealth/ Follow us on : https://twitter.com/MentorHealth1

Event Location

Event Location
  • Online Event
  • Online
  • Fremont
Visit Event WebsiteGet Directions!