HIPAA Breach Notification Rule - What you Must do to Comply
Conference Dates:
Start Date: 2018-08-15Last Day: 2018-08-15
Deadline for abstracts/proposals: 2018-08-14
Conference Contact Info:
Contact Person: Roger StevenEmail: [email protected]
Address: Online, Fremont, CA, 94539, United States
Tel: 8003851607
Fax: 3022886884
Conference Description:
Training Options Duration: 60 MinutesWednesday, August 15, 2018 | 10:00 AM PDT | 01:00 PM EDT
Overview: Final regulations for the new HIPAA Breach Notification Rule require much more
than notifying individuals affected by a Breach of their Protected Health Information (PHI).
Covered Entities and Business Associates first must follow and document a very specific process
to determine if a Breach occurred. If no Breach occurred documentary proof must be kept for six
years. If a Breach did occur timely notifications and other actions must be undertaken and
documented.
This webinar will explain:
What Covered Entities and Business Associates must do to comply with the Breach Notification
Rule
What is and is not a Breach
Three exceptions - when an acquisition, access, use, or disclosure of PHI not permitted by the
Privacy Rule is not a Breach
How to perform a Breach Risk Assessment to determine if you can demonstrate a low probability
that the PHI was compromised
Who must be notified in case of a Breach
When notifications must be provided
What information must be contained in each notification
Other requirements in case of a Breach
Investigate
Mitigate harm to affected individuals
Protect against further Breaches
Document everything
Planning and preparation for the worst - public relations and mitigation strategies to limit
damage to the organization's reputation and financial well-being
Why should you Attend:
Breaches and incidents that might be Breaches happen all the time!
More than 173,000 separate breaches of Protected Health Information (PHI) affecting less than
500 individuals were reported to the U. S. Department of Health and Human Services (HHS) between
September, 2009 and May 31, 2015 and in the same period HHS received approximately 1240 reports
of PHI breaches that affected 500 or more individuals
An acquisition, access, use, or disclosure of PHI not permitted by the Privacy Rule is presumed
to be a Breach unless it falls within an exception or the Covered Entity or Business Associate
can demonstrate a low probability that the PHI was compromised
Not all suspected Breaches are Breaches - but you must know the rules to assess each incident
and - when appropriate - prove it was not a Breach
A Covered Entity or Business Associate has the burden to prove an acquisition, access, use, or
disclosure of PHI was not a Breach or, if a Breach occurred, that it made all required
notifications
Prominent media outlets in the region must be notified of Breaches affecting 500 or more
individuals
To preserve your organization's reputation and limit its financial loss you must be prepared to
assess a suspected Breach and to respond properly and perhaps publicly when a Breach does occur
Phishers, Hackers and Burglars are actively trying to get PHI - the FBI reported in 2014 that
medical identity sells for $50 on the black market compared to $1 for a credit card or Social
Security Number
Areas Covered in the Session:
Breach Notification Rule Compliance Requirements
What is defined as a Breach
How to determine if a Breach occurred
How to investigate and analyze the facts of an incident that is a Potential Breach
How to do a Breach Risk Assessment to determine if there is a low probability of compromise to
PHI
In case of a breach
Who to notify
When notification must be made
What information must be in each notification
Other things that must be done if a Breach occurred
Documentation that must be kept of all activities associate with the Breach Notification Rule
Who Will Benefit:
HIPAA Compliance Officials
Top Management
Health Care Provider Practice Manager
Risk Manager - Compliance Manager
Information Systems Manager
Legal Counsel
Health Care Public Relations Consultants
Speaker Profile
Paul R. Hales received his Juris Doctor degree from Columbia University Law School and is
licensed to practice law before the Supreme Court of the United States. He is an expert on HIPAA
Privacy, Security, Breach notification and Enforcement Rules with a national HIPAA consulting
practice based in St. Louis. Paul is the author of all content in The HIPAA E-Tool, an
Internet-based, Software as a Service product for health care providers and business associates.
Price - $139
Contact Info:
Netzealous LLC - MentorHealth
Phone No: 1-800-385-1607
Fax: 302-288-6884
Email: [email protected]
Website: http://www.mentorhealth.com/
Webinar Sponsorship: https://www.mentorhealth.com/control/web inar-sponsorship/
Follow us on : https://www.facebook.com/MentorHealth1Follow us on : https://www.linkedin.com/company/mentorh ealth/
Follow us on : https://twitter.com/MentorHealth1