MedTech I.Q.

The Cutting Edge of Medical Technology Content, Community & Collaboration

HIPAA Breach Evaluation and Reporting - What Qualifies as a Reportable Breach

Event Details

HIPAA Breach Evaluation and Reporting - What Qualifies as a Reportable Breach

Time: December 1, 2021 from 10am to 1pm
Location: online
Street: Alto
City/Town: Online
Website or Map: https://www.complianceonline.…
Phone: 8887172436
Event Type: seminae
Organized By: ComplianceOnline
Latest Activity: Nov 24, 2021

Export to Outlook or iCal (.ics)

Event Description

There are several steps that must be taken to determine if an incident is a breach, and whether or not that breach is reportable. Determining whether to report or not is not necessarily straightforward, but there are guidelines to follow to help at every step of the way. If the evaluation of necessity to report is not done correctly, you may not make the right decisions about reporting and be subject to penalties for non-compliance upon an investigation of a breach by HHS. Penalties for non-compliance can up to millions of dollars in cases of willful negligence, so it is essential to evaluate incidents to see if they are reportable breaches, and act properly on the evaluation.

Why Should You Attend:

The HIPAA Breach Notification Rule has been in effect since 2010 and was significantly modified in 2013. We will discuss the origins of the rule and how it works, including interactions with other HIPAA rules and penalties for violations.

Whenever there may be a privacy issue involving Protected Health Information, there may be a reportable breach under the HIPAA regulations. Not all privacy violations are reportable breaches, though, so it is essential to have a good process for evaluating incidents to see if they have resulted in a reportable breach.

Any privacy rule violation that results in an acquisition, access, use, or disclosure of PHI in violation of the HIPAA Privacy Rule may be a breach, unless the incident is one of the defined exceptions from the definition. A breach is reportable unless the information was secured or destroyed in the incident, or unless a risk analysis shows that there is a low probability of compromise of the information, based on at least four factors defined in the rules.

We will examine how to determine if a privacy violation is potentially a breach according to the definition, and then describe the subsequent steps in the evaluation, if it is determined that the definition has been met. We will discuss the exceptions to the breach definition for inadvertent internal uses, or when it can be determined that the information could not be retained in any way by the receiving party.

Areas Covered in the Webinar:

  • The definition of a Breach under HIPAA
  • Evaluating the Privacy violation
  • Reviewing the exceptions to the definition of a breach
  • What is good enough encryption according to the rules
  • Performing the Risk Analysis to determine the necessity to report
  • Ransomware and Breaches – When to Report
  • Avoiding Breaches
  • The most common causes of breaches
  • Reporting breaches to HHS and the individuals
  • Reporting breaches to the press and other agencies
  • Documenting your analysis and decisions

Who Will Benefit:

This webinar will provide valuable assistance to all personnel in medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc). Employees who will benefit include:

  • Compliance director
  • CEO
  • CFO
  • Privacy Officer
  • Security Officer
  • Information Systems Manager
  • HIPAA Officer
  • Chief Information Officer
  • Health Information Manager
  • Healthcare Counsel/Lawyer
  • Office Manager

Comment Wall

Comment

RSVP for HIPAA Breach Evaluation and Reporting - What Qualifies as a Reportable Breach to add comments!

Join MedTech I.Q.

Attending (1)

© 2024   Created by CC-Conrad Clyburn-MedForeSight.   Powered by

Badges  |  Report an Issue  |  Terms of Service