Skip to main content

HIPAA Breach - or Not? How to Find Out & What to Do

Compliance Key INC - HIPAA Webinar
                                              Paul Hales
Paul Hales is a Keynote Speaker at Compliance Key, Inc. He received his Juris Doctor degree from Columbia University Law School and is licensed to practice law before the Supreme Court of the United States.

  Webinar Id:  HIPHPH010 
 10:00 AM PT | 01:00 PM ET 
 01/31/2018
 Duration: 60 mins 
Overview
More than 170 million Americans have been affected by Breaches of Unsecured Protected Health Information (PHI) since 2009. A Ransomware attack that encrypts PHI is now presumed to be a HIPAA Breach by Federal regulators. HIPAA Breach Notification Content and Timeliness are 2 of the top Enforcement priorities of the Office for Civil Rights (OCR), the HIPAA enforcement arm of the U. S. Department of Health and Human Services.
Why should you attend this webinar?
Breaches of unsecured PHI is becoming more and more common. The question is not whether a Covered Entity or Business Associate will suffer a Breach. Unfortunately, it is when will you suffer your next (or first) Breach.
You should attend this session to learn exactly what to do if your organization suspects it has suffered a Potential Breach or has been attacked by Ransomware. You will learn how to investigate, assess, determine and document whether you have suffered a Breach of Unsecured PHI that requires Breach Notifications, when and how to provide Breach Notification and the other things you must do when you have a Breach.
There is a secret to HIPAA Compliance. The secret is the HIPAA Rules are easy to follow, step-by-step, when you know the steps.
In this session, you will learn and see the 5 steps of HIPAA Breach Notification Rule compliance explained clearly in plain language.
Areas Covered in the Session:
This webinar for HIPAA Covered Entities and Business Associates explains the 5 Steps of HIPAA Breach Notification Rule Compliance. They are:
  • Potential Breach Investigation
    • How to recognize a Potential Breach
    • The information you need to gather
    • 5 Key Questions that can confirm no Breach occurred
    • the Data-based Decision - Breach, No Breach or possible "Low Probability of Compromise" indicating a Breach Risk Assessment should be done
  • Breach Risk Assessment
    • How to apply the factors that can demonstrate a "Low Probability of Compromise" to PHI meaning Breach Notifications are not required
    • How to conduct Breach Risk Assessment of a Ransomware Attack that can overcome the presumption that the Ransomware Attack was a Breach of Unsecured PHI requiring Breach Notification
  • Determination and Documentation - what to do next based on the results of your Potential Breach Investigation or Breach Risk Assessment
  • Notifications
    • The timing and content of Notifications that must be made in the case of a Breach of Unsecured PHI
    • Notification Procedures when 500 or more Individuals are affected by a single Breach
    • Notification Procedures when 1 to 499 Individuals are affected by a single Breach
  • Other Breach Notification Rule compliance requirements
    • Mitigation
    • Protection against further Breaches
    • Law Enforcement Delay
    • State Breach Notification Rule Requirements
This webinar explains the inter-connected Breach Notification Rule requirements of Covered Entities and Business Associates when a Business Associate or Subcontractor Business Associate suffers a Breach. And it covers the special, more restrictive compliance requirements when a Business Associate or Subcontractor is an Agent under the Federal Common Law of Agency - including how to avoid creating an Agency relationship by mistake.
Who can Benefit:
Health Care Providers of all types - for example:
  • Large, Multi-site Hospitals
  • Small Critical Access Hospitals
  • Health Care Providers in small group practices:
    • Dentists
    • Optometrists
    • Chiropractors
    • Physical Therapists
    • Podiatrists
    • Licensed Clinical Social Workers
  • Multi-Specialty Medical Groups
  • Long Term Care, Assisted Living and Skilled Nursing Facilities
  • Federally Qualified Health Centers
Business Associates of all types - for example:
  • Medical Billing and Coding companies
  • IT Vendors
  • Electronic Health Record Providers
  • EHR Consultants
  • Practice Management Firms
  • CPA and Law Firms
Third Party Administrators - usually Insurance Brokers
Target Job Titles:

  • Health Care Practice and Business Associate Owners
  • Compliance Official
  • Chief Executive Officer
  • Chief Operating Officer
  • Chief Compliance Officer
  • Chief Information Officer
  • Chief Information Security Officer
  • Risk Management Director
  • HIPAA Compliance Official
  • HIPAA Privacy Officer
  • HIPAA Security Officer
  • Information Technology Supervisor
  • General Counsel - Associate General Counsel
  • Attorney
  • Certified Public Accountant

Labels:
Location: United States

Comments

Post a Comment

Popular posts from this blog

New 2019 HIPAA Guidance on De-Identifying Protected Health Information

Compliance Key  -   HIPAA Compliance Training Overview This seminar will be addressing how practice/business managers or compliance officers need to get their HIPAA house in order, as HIPAA is now fully enforced and the government is not using kid gloves anymore. It will also address major 2019 changes taking place with the Health and Human Services regarding the enforcement of the HIPAA law as well as detailed discussions on the Phase 2 audit process and current events regarding HIPAA cases (both in courtrooms and from real-life Audits). Our instructor - Mr. Brian Tuttle  has over 20 years of experience in working as Compliance auditor and has been an expert witness on multiple HIPAA cases. He`ll thoroughly explain on HOW and in WHAT scenarios patients can claim for cash remedies. More importantly, Brian will show you how to limit those risks by simply taking proactive steps and utilizing best practices. Why should you attend this seminar? This Sem...
Post a Comment
Read more

Classifying Medical Devices in US and EU

Compliance Key INC  -  Healthcare Compliance Webinars Overview The Food and Drug Administration (FDA) has established classifications for approximately 1,700 different generic types of devices and grouped them into 16 medical specialties referred to as panels. Each of these generic types of devices is assigned to one of three regulatory classes based on the level of control necessary to assure the safety and effectiveness of the device.The determination process, how you apply the classification process to your device, is complex and requires several levels of analysis to make the proper device classification. Proper medical device classification is the fundamental first step in submitting your device for approval anywhere in the world. This webinar will detail the medical device classification process for the United States through the FDA and will overview the very complex process for medical device classification within the EU. Specifically, this webinar will provid...
Post a Comment
Read more

HIPAA Compliance with the New Omnibus Rule: How to Pass an Audit to Avoid Penalties and Criminal Convictions

Compliance Key INC  -  H ipaa webinar                                           Jonathan P. Tomes Jonathan P. Tomes , J.D., is Keynote Speaker at Compliance key Inc. He is a health care attorney practicing in the greater Kansas City.   Webinar Id:   HIPHJPT001  2:30 PM PT | 03:30 PM ET    01/18/2018  Duration: 60 mins  Overview Before the HITECH Act, DHHS could audit covered entities for HIPAA compliance, but did not have to. With that Act, now the must audit those entities and business associates as well. In the first audits, the Phase I audits, DHHS came on site. The subsequent Phase II audits, however, were paper audits in which those audited had to provide documentation of their compliance. As yet, we do not know what form Phase III will take, but the necessary actions to prepar...
Post a Comment
Read more