How to Properly Handle HIPAA Security Incidents and Actual Breaches

MentorHealth
Date: Wednesday August 13, 2014
Time:

10:00 AM PDT | 01:00 PM EDT

Duration: 90 Minutes
Instructor: Richard D. Dvorak
Webinar Id: 800329

 Live 

$175.
One Attendee
$375.
Unlimited Attendees

Recorded

$225.
One Attendee

Overview:

The word "breach" in the health care industry, and for those business associates of covered entities, certainly causes alarm when not only have you had your patient's privacy violated, but also now you have to prepare for the financial cost to remedy the breach and think about the possible criminal and civil penalties that you or your organization may have to face.

In addition, because the HITECH Act for the first time now authorizes a federal lawsuit for a HIPAA violation, an aggrieved individual may ask the attorney general of the state in which the violation occurred to sue on his behalf in federal court and recover damages, attorney's fees, and costs. As of the end of August 2011, the Connecticut Attorney General ("AG") had filed two such lawsuits and the Indiana AG had filed one.

In the first one filed, the Connecticut AG obtained a $250,000 settlement from the hospital defendant. Thus, a covered entity now faces the possibility of HIPAA lawsuits in both state and federal courts. Further, with the HITECH Act's expansion of HIPAA civil and criminal liability to business associates, the latter may also be sued in federal court. The Minnesota Attorney General has filed such a lawsuit against a business associate. Isn't it better to know the proper way to handle a breach according to the law?

Learn the difference between security incident reports and reportable breaches and how to handle each properly during this 90-minute seminar. Find out what resources are available to you to help avoid breaches of confidentiality and how your organization can be better prepared for HIPAA compliance regulations

Areas Covered in the Session:

  • What is a security incident?
  • What is a breach?
  • What immediate action should be taken when a breach is suspected?
  • How to report a breach
  • How to investigate a breach
  • How to mitigate the harm of a breach
  • What breaches must be reported to DHHS and/or to the individuals who are the subject of the breach?
  • How to report breaches to DHHS and/or to the individuals who are the subject of the breach
  • How to determine whether disciplinary action is appropriate
  • How to document security incidents and breaches in a security incident report
  • Do you need insurance to cover HIPAA breaches?

Who Will Benefit:
  • HIPAA Compliance Officers
  • HIPAA Security Officers
  • HIPAA Privacy Officers, CFOs
  • CIOs
  • Medical Records Personnel
  • Health Information Management Professionals
  • Health Care Attorneys
  • Billing Services

Speaker Profile
Richard D. Dvorak J.D., is a health care attorney and partner in the law firm of TOMES & DVORAK, CHARTERED, a Kansas City area law firm. The firm has Martindale-Hubbell’s highest rating, AV (“A” is for preeminent in the field of practice and “V” is for highest ethics). After serving eight years in the United States Marine Corps, Richard obtained his law degree from Chicago-Kent College of Law in 1992. He is licensed to practice law in Illinois, Missouri, and Kansas, including various U.S. federal courts. Mr. Dvorak’s extensive litigation experience includes medical malpractice, physician licensure, mental health disability cases, military cases, and criminal cases, among others.

Mr. Dvorak is Vice President of EMR Legal, Inc., a national HIPAA consulting firm, which provides consulting services for clients ranging from a large county government, with eight different health entities that need HIPAA compliance help, to a small transcription service. His specialty is helping covered entities and business associates comply with HIPAA in a cost-effective manner using his extensive technical computer knowledge and business acumen. He and his team have consulted over 1,000 clients in health care regulations since 1998. Mr. Dvorak is also the Vice President of Veterans Press, Inc.—a national publishing company that sells and distributes The Compliance Guide to HIPAA and the DHHS Regulations, soon to be in the 6th edition, an integral part of the HIPAA Compliance Library.

Richard’s HIPAA speaking engagements include Cross Country Education, MEDS-PDN, PESI, CMI and Lorman Business Center, and The National Home Infusion Association (NHIA) 2013 convention. He also has taught business law for Park College in Missouri. As a small businessman, Richard understands the need to help others learn how to comply with government health regulations in a reasonable, cost-effective manner.


You Recently Viewed