Show navigation

Live Webinar

90-minute live streaming program
  • August 28
  • 1:00 - 2:30 pm EST

Also available as:

OnDemand Webinar
Audio & Reference Manual

HIPAA Security Breach Response Plan

August 28

If and when protected health information is compromised at your organization, be ready to execute your own security breach response plan.

Many covered entities and business associates who are required to comply with HIPAA as well as other federal and state law requirements protecting the privacy and security of patient information still misunderstand when an incident rises to the level of a Breach and what the required responses are. There also continues to be misunderstanding of how and when a breach occurs in certain contexts, who is responsible for it (i.e., the BA or CE?), who needs to be notified and with whom do the legal and contractual obligations rest. This topic helps the persons responsible for their organization’s compliance with HIPAA and other federal and state laws requiring a consistent evaluation of each Security Incident which might compromise Protected Health Information. The material also explains the specific requirements of calculating the 500 or more threshold number of affected individuals for purposes of reporting by a business associate (i.e., per covered entity) and by the covered entity, as well as for purposes of notifying the media (i.e., per jurisdiction). This topic will go into detail and provide you and your organization with a uniquely developed Breach Risk Assessment tool that allows consistent evaluation of HHS Four Factors that are critical to a final determination of whether a breach is reportable to HHS. This information is critical for organizations to hone their breach policies and procedures to prevent under reporting of breaches (which is a HIPAA violation) as well as to over reporting of breaches (i.e., reporting an incident when HIPAA does not legally require it to be reported), which can lead to an unnecessary HHS/OCR investigation.

Purchase Options
Can't Attend?

More Program Information

Why Lorman?

Over 32 years and 1.4 million customers worth of experience providing continuing education. Our passion is providing you world-class training to help you succeed in business and as a professional.

Agenda

Definitions of Key HIPAA Terms
  • A Detailed Review of Key HIPAA Definitions Will Be Covered: Breach, Security Incident, Protected Health Information, De-Identified Data
  • Discussion on How These Definitions Materially Affect Analysis of Whether or Not a Security Incident Rises to the Level of a Breach, and Whether Notification or Other Response Is Required
  • Discussion of Why It Is Critical That Definitions of Such Terms Which Appear in HIPAA Business Associate Agreements Track HIPAA's Definitions
HIPAA Breach Risk Assessment
  • Do You Have a Breach of 500 or More Affected Individuals? Discussion of HHS's Guidance on How to Calculate the Total Number of Individuals Affected by a Breach (i.e., per Covered Entity). Additional Discussion Regarding How to Calculate Number of Individuals Affected by State/Jurisdiction for Purposes of Media Notices
  • Safe Harbors: Unintentional; Inadvertent; Not Reasonably Retained. Overview of the Statutory Carve-Outs Which Permit a Conclusion of No Breach
  • Evaluating Low Probability PHI Compromised. Detailed Discussion of HHS's Guidelines on How to Evaluate the Low Probability Threshold in a Consistent Matter. Overview of the Four Factors Critical to This Assessment, and How to Evaluate the Four Factors in a Consistent Manner. A Deep Dive Into:
    • Nature and Extent of Data: Discussion of Minimal PHI? DeIdentified Data? Limited Data Sets?
    • Nature of Recipient/Unauthorized Individual: Discussion of Cooperative vs. Uncooperative Individuals
    • Determining If PHI Was Acquired or Viewed: Discussion of Confirming No Access Through Forensics; HHS's Discussion and Guidance Regarding Whether Deployed Ransomware Is a Breach
    • Mitigation: Discussion of What Steps Need to Be Taken for Full Mitigation; Discussion of Sanitization of External Devices and Accounts That May Have Transmitted and/or Housed Breached PHI, and When Legal Intervention Might Be Appropriate (i.e., Discussion of Successful Interventions by Courts)
    • StepByStep Work Through of Example Breach Cases Using Oscislawski LLC's Low Probability Assessment Tool to Apply the Four Factor Test and Calculate a Low Probability Score, and Discussion of How to Use the Low Probability Score in Final Determination of Whether a Breach Is Reportable (i.e., Notices Required). (See Sample HIPAA Breach Risk Assessment Tool to Be Provided With Webinar)
Breach Response
  • Discussion of What Are the Breach Notification Requirements and Other Obligations of a Business Associate
  • Discussion of What Are the Breach Notification Requirements and Other Obligations of a Covered Entity, Including Detailed Drill Down on Notifications to HHS (Immediate vs. Annual); Notification to Individual (Incl. State Law Considerations); Notification of Media (What Is Required? and the 500 Individuals per/Jurisdiction Threshold)
Purchase Options
Can't Attend?

More Program Information

Why Lorman?

Over 32 years and 1.4 million customers worth of experience providing continuing education. Our passion is providing you world-class training to help you succeed in business and as a professional.

Credits

OnDemand Webinar

This course was last revised on May 16, 2018.

Call 1-866-352-9540 for further credit information.

This program does NOT qualify, nor meet the National Standard for NASBA accreditation.

Live Webinar Registration

  • ACHE 1.5
     
  • The American College of Healthcare Executives no longer pre-approves courses or organizations. Participants in this program wishing to have the continuing education hours applied toward ACHE Qualified Education credit should indicate their attendance when submitting an application to the American College of Healthcare Executives for advancement or recertification. ACHE Qualified Education credit must be related to healthcare management (i.e., it cannot be clinical, inspirational, or specific to the sponsoring organization). It can be earned through educational programs conducted or sponsored by any organization qualified to provide educational programming in healthcare management. Programs may be sponsored by ACHE, chapters or other qualified sources, whether the programming is face-to-face or distance offerings (webinars, online seminars, self-study courses, etc.).
     
  • AHIMA 1.5 including Privacy & Security 1.5
     
  • This program has been approved for 1.5 continuing education units for use in fulfilling the continuing education requirements of the American Health Information Management Association (AHIMA). Granting prior approval from AHIMA does not constitute endorsement of the program content or its program sponsor.
     
  • AL CLE 1.5
     
  • This course or a portion thereof has been approved by the Alabama State Mandatory Continuing Legal Education Commission for a maximum of 1.5 hours credit.
     
  • AR CLE 1.5
     
  • This course has been approved for 1.5 hours of CLE by the Arkansas CLE Board.
     
  • Arizona CLE 1.5
     
  • The State Bar of Arizona does not approve or accredit CLE activities for the Mandatory Continuing Legal Education requirement. This activity may qualify for up to 1.5 hours toward your annual CLE requirement for the State Bar of Arizona.
     
  • CA MCLE 1.5
     
  • Lorman Business Center, Inc. is a State Bar of California approved MCLE sponsor and this course qualifies for 1.5 CLE hours of participatory credit.
     
  • CT CLE 1.5
     
  • Neither the Connecticut Judicial Branch nor the Commission on Minimum Continuing Legal Education approve or accredit CLE providers or activities. This course has been approved for CLE credit in jurisdictions aside from CT and therefore it automatically meets the content and delivery requirements in Connecticut. Credit is based on a 60 minute credit hour and shall be awarded as follows: 1.5 CLE credit(s).
     
  • GA CLE 1.5
     
  • This program has been approved by the Georgia Commission on Continuing Lawyer Competency for 1.5 CLE hours.
     
  • HI CLE 1.5
     
  • This program was approved by the Hawaii State Board of Continuing Legal Education for 1.5 CLE credit hours.
     
  • IL CLE 1.5
     
  • This course was approved for a total of 1.5 hours of MCLE Credit by the Illinois MCLE Board.
     
  • ME CLE 1.5
     
  • This course has been approved by the State of Maine Board of Overseers of the Bar. Lawyers who complete this course shall receive 1.5 hours of CLE credit under M. Bar R. 12.
     
  • MS CLE 1.5 (Pending)
     
  • This program has been submitted to the Mississippi Commission on Continuing Legal Education. Approval pending.
     
  • MT CLE 1.5
     
  • This program has been approved by the Montana Commission of Continuing Legal Education for a total of 1.5 CLE credits.
     
  • NH MCLE 1.5
     
  • NH MCLE does not approve or accredit CLE activities for the NH Minimum CLE requirement. Lorman Education Services believes this course meets the requirement of NH Supreme Court Rule 53 and may qualify for CLE credit(s). Program Length: 90 Minutes.
     
  • NJ CLE 1.8
     
  • This program has been approved by the Board on Continuing Legal Education of the Supreme Court of New Jersey for 1.8 hours of total CLE credit.
     
  • NV CLE 1.5
     
  • This program has been approved by the Nevada Board of Continuing Legal Education for 1.5 CLE hours.
     
  • PA CLE 1.5
     
  • This Distance Learning program has been approved by the Pennsylvania Continuing Legal Education Board for 1.5 hours of substantive law, practice and procedure CLE credit.
     
  • RI CLE 1.5
     
  • This program has been approved by the Rhode Island Mandatory Continuing Legal Education Commission for 1.5 hours of CLE credit.
     
  • TN CLE 1.5
     
  • This program has been approved as a distance learning format by the Tennessee Commission on Continuing Legal Education for a maximum of 1.5 hours of credit.
     
  • VT CLE 1.5
     
  • This program has been approved by the Mandatory Continuing Legal Education Board of Vermont for 1.5 hours of CLE credit.
     
  • WA CLE 1.5
     
  • This program has been approved by the Washington State Board of Continuing Legal Education for 1.5 hours of Law & Legal Procedure credit.
     
  • WI CLE 1.5
     
  • This program has been approved by the Board of Bar Examiners for 1.5 hours for use toward the Wisconsin Mandatory CLE requirement.
     
  • WV MCLE 1.8
     
  • This program has been approved by the West Virginia State Bar MCLE Commission for 1.8 MCLE hours.
     
  • HFMA 1.5
     
  • This course is approved by HFMA for certification maintenance of continuous educational points and will equal 1.5 points of classroom instruction.
     

This program does NOT qualify, nor meet the National Standard for NASBA accreditation.

Audio & Reference Manual

  • Arizona CLE 1.5
     
  • CA MCLE 1.5
     
  • CT CLE 1.5
     
  • GA CLE 1.5
     
  • HI CLE 1.5
     
  • IL CLE 1.5
     
  • ME CLE 1.5
     
  • MT CLE 1.5
     
  • NJ CLE 1.8
     
  • NV CLE 1.5
     
  • VT CLE 1.5
     
  • WA CLE 1.5
     
  • WV MCLE 1.8
     
The CLE Code is ONLY a requirement when applying for CLE Credit in California (for participatory credit), Kansas, New Jersey or New York. Other states do not need to supply the CLE Code to apply for CLE credit.

This program does NOT qualify, nor meet the National Standard for NASBA accreditation.

Who should attend?

This live webinar is designed for health information managers, business managers, office managers, privacy officers, hospital administrators, medical records directors, billing managers, compliance officers, IT professionals and attorneys.

Purchase Options
Can't Attend?

More Program Information

Why Lorman?

Over 32 years and 1.4 million customers worth of experience providing continuing education. Our passion is providing you world-class training to help you succeed in business and as a professional.

Faculty

Helen Oscislawski, Esq.

Helen Oscislawski, Esq.

Attorneys at Oscislawski LLC

  • Founding partner, Attorneys at Oscislawski LLC
  • Corporate and regulatory attorney whose practice focuses almost exclusively on advising and representing health care clients
  • Recognized nationally for her substantial experience with and understanding of legal issues that arise with the use of electronic medical records and networked health information exchange
  • In 2008, Governor Corzine appointed her to the New Jersey Health Information Technology Commission to fill the seat reserved by statute for an attorney practicing in this state with demonstrated expertise in health privacy in 2010, Governor Christie reappointed her to the commission, and she also served as the chair of New Jersey’s Privacy and Security Committee
  • Over the course of her career, she has completed complex legal analyses regarding patient consent issues, privacy standards, security breach response, and other patient-data related challenges
  • Known to many as a go to attorney on HIPAA, health information exchange and technology, and legal advice relating to health care data breaches
  • Currently advises some of the most sophisticated organizations in the nation on all aspects of managing patient privacy and legal risk resulting from data breaches
  • Who’s Who 2017 Top Lawyer, and is also recognized as a Lawyer of Distinction, a designation granted to only the top 10% of attorneys in the nation
  • Speaks regularly at various national events on these topics, as well as maintains a popular blog called Legal HIE, www.legalhie.com
  • Can be contacted at [email protected]
Purchase Options
Can't Attend?

More Program Information

Why Lorman?

Over 32 years and 1.4 million customers worth of experience providing continuing education. Our passion is providing you world-class training to help you succeed in business and as a professional.

All of your training, right here at Lorman.

Pay once and get a full year of unlimited training in any format, any time!

  • Live Webinars
  • OnDemand Webinars
  • MP3 Downloads
  • Course Manuals
  • Audio Recordings*
  • Executive Reports
  • White Papers and Articles
  • Sponsored Live Webinars

Additional benefits include:

  • State Specific Credit Tracker
  • Members Only Newsletter
  • All-Access Pass Course Concierge

* For audio recordings you only pay shipping

Questions? Call 877-296-2169 to speak with a real person.

Sign Up Today
With This Course

Access to all training products for one year
$699/year

Unlimited Lorman Training

With the All-Access Pass there is no guessing what you will need for your yearly training budget. $699 will cover all of your training needs for an entire year!

Easy Registrations

Once you purchase your All-Access Pass you will never be any further than one-click away from attending any Lorman training course.

Invest in Yourself

You haven't gotten to where you are professionally by luck alone; it's taken a lot of hard work and training. Invest in yourself with the All-Access Pass.

Product ID: 406495
Published 2018, 2019
Purchase Options

Register today before this event fills.

Can’t attend? Order an Audio & Reference Manual from this event.