HIPAA Breach Notification Rule has new standards for determining what qualifies as a reportable breach. The updated and final regulations for Security and Breach Notification now enforceable must be considered by all HIPAA-related entities, and all HIPAA entities need to change their policies and procedures to meet the new standards. HIPAA Breach Notification rules require notification of individuals and HHS when information security is breached. If there is a breach of protected health information that does not qualify for one of the reporting exceptions, the breach must be reported, unless a risk assessment shows that there is a “low probability of compromise.” All reportable breaches must be reported to the Secretary of the US Department of Health and Human Services at least annually. There are additional steps to take if the breach affects more than 500 individuals, including media notices and immediate notification of HHS.
In this session expert Jim Sheldon Dean will help you understand what isn’t a breach and under what circumstances you don’t have to consider breach notification. You’ll find out how to report the smaller breaches (less than 500 individuals), as required, within 60 days of the end of each year and you’ll know why you want to avoid a breach involving more than 500 individuals – media notices, Web site notices, and immediate notification of HHS, including posting on the HHS breach notification “wall of shame” on the Web. Jim will explain, based on historical analysis of reported breaches, what measures must be taken today to protect information from the most common threats, as well as discuss information security trends and explain what kinds of efforts will need to be undertaken in the future to protect the security of PHI.
Highlights of the session:
Get answers to your questions in a Q&A session by the speaker to help you with the doubts and queries you may have.
Who should attend: This session is appropriate for compliance manager, HIPAA officer, chief information officer, health information manager, medical office manager, medical practice lawyer, CFO, CEO, COO, privacy officer and information security officer.
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a variety of health care providers, businesses, universities, small and large hospitals, urban and rural mental health and social service agencies, health insurance plans, and health care business associates.
Sheldon-Dean serves on the HIMSS Information Systems Security... More Info
More Events By The Speaker