Overview:

This webinar explains the inter-connected Breach Notification Rule requirements of Covered Entities and Business Associates when a Business Associate or Subcontractor Business Associate suffers a Breach. And it covers the special, more restrictive compliance requirements when a Business Associate or Subcontractor is an Agent under the Federal Common Law of Agency - including how to avoid creating an Agency relationship by mistake.

This webinar for HIPAA Covered Entities and Business Associates explains the 5 Steps of HIPAA Breach.

Notification Rule Compliance. They are:

• Potential Breach Investigation
  • How to recognize a Potential Breach
  • The information you need to gather
  • 5 Key Questions that can confirm no Breach occurred
  • the Data-based Decision - Breach, No Breach or possible "Low Probability of Compromise" indicating a Breach Risk Assessment should be done
• Breach Risk Assessment
  • How to apply the factors that can demonstrate a "Low Probability of Compromise" to PHI meaning Breach Notifications are not required
  • How to conduct Breach Risk Assessment of a Ransomware Attack that can overcome the presumption that the Ransomware Attack was a Breach of Unsecured PHI requiring Breach Notification
• Determination and Documentation - what to do next based on the results of your Potential Breach Investigation or Breach Risk Assessment
• Notifications
  • The timing and content of Notifications that must be made in the case of a Breach of Unsecured PHI
  • Notification Procedures when 500 or more Individuals are affected by a single Breach
  • Notification Procedures when 1 to 499 Individuals are affected by a single Breach
• Other Breach Notification Rule compliance requirements
  • Mitigation
  • Protection against further Breaches
  • Law Enforcement Delay
  • State Breach Notification Rule Requirements

Why you should Attend: Breaches of unsecured PHI is becoming more and more common. The question is not whether a Covered Entity or Business Associate will suffer a Breach. Unfortunately, it is when will you suffer your next (or first) Breach. You should attend this session to learn exactly what to do if your organization suspects it has suffered a Potential Breach or has been attacked by Ransomware.

You will learn how to investigate, assess, determine and document whether you have suffered a Breach of Unsecured PHI that requires Breach Notifications, when and how to provide Breach Notification and the other things you must do when you have a Breach.

There is a secret to HIPAA Compliance. The secret is the HIPAA Rules are easy to follow, step-by-step, when you know the steps.

In this session, you will learn and see the 5 steps of HIPAA Breach Notification Rule compliance explained clearly in plain language.

Areas Covered in the Session:

• Potential Breach Investigation
• Breach Risk Assessment
• Determination and Documentation
• Notifications
• Other Breach Notification Rule compliance requirements, including state laws

Who Will Benefit:

• Health Care Practice and Business Associate Owners
• Compliance Official
• Chief Executive Officer
• Chief Operating Officer
• Chief Compliance Officer
• Chief Information Officer
• Chief Information Security Officer
• Risk Management Director
• HIPAA Compliance Official
• HIPAA Privacy Officer
• HIPAA Security Officer
• Information Technology Supervisor
• General Counsel - Associate General Counsel
• Attorney
• Certified Public Accountant