Thanksgiving celeberations

HIPAA Breaches: Issues Today And Future Trends

Event Information
Product Format
Prerecorded Event
Conference Date
Tue, Jun 05, 2012
60 Minutes
Product Description

Avoid The HHS Breach Notification "Wall Of Shame"

The HIPAA Breach Notification Rule requires all HIPAA covered entities and business associates to follow a number of steps to be in compliance in the event of a breach of the privacy and security of protected health information. If there is a breach of PHI that risks causing financial, reputational, or other harm to an individual, the breach must be reported to the individual, and all such breaches must be reported to the Secretary of the US Department of Health and Human Services at least annually. There are additional steps to take if the breach affects more than 500 individuals, including media notices and immediate notification of HHS.

Join Jim Sheldon-Dean for this 1 hour power packed event and get educated on the background of the Breach Notification Rule and what it calls for in the regulations, where to find the information and forms for filing breach notifications with HHS, what goes into an effective breach notification policy, how to prevent breaches as much as reasonably possible, What steps to take when a security incident or breach has occurred, how to consider the risk of harm to the individual, and the risks of reporting and not reporting an incident, how to best document your incidents and breaches to withstand enforcement audits, what are the most frequent reasons for breaches and how can they be prevented, how to adopt policies, train on them, and conduct drills in breach response.

Entities must adopt a breach notification policy and procedures to ensure accurate reporting and documentation of breaches, and must take steps to protect information from breaches by using encryption and proper disposal methods meeting Federal standards. Entities must follow the standards and specifications of the HIPAA Security Rule to protect information from breaches and must negotiate new Business Associate Agreements to include liability for breach notification and requirements for timely reporting to the entity.

Some of the greater issues today include the loss or theft of devices containing unencrypted PHI, from hard drives and memory sticks, to laptops, workstations, and servers.  Data at rest increasingly must be encrypted to reduce the risks of breaches and their significant costs and impacts of notification. But there are more issues than lost or stolen devices, such as transmitting information to the wrong individuals, wrong addresses, or wrong fax numbers.  It is essential to regularly verify all destinations for PHI, by mail, fax, or e-mail. In the future, as health information becomes more recognized for its value to identity thieves, we can expect that attacks on PHI by hackers will increase, and that all systems holding any PHI will need to be re-evaluated and revised to deter the increased threats.

Register now and see below what you'll learn:

  • The HIPAA Breach Notification Rule has been in effect since September 23, 2009 and most organizations are not prepared to respond to a breach of PHI and report and document it properly.
  • HIPAA Covered Entities and Business Associates need to know where and what information they have, so they can figure out how serious a breach may be and whom to notify if there is a good chance of harm.  We’ll discuss how to know what you have and how to decide if you need to notify.
  • Entities can avoid notification if information has been encrypted according to Federal standards.  We’ll talk about what information needs to be encrypted the most and how entities are doing it.
  • We’ll discuss how to create the right breach notification policy for your organization and how to follow through when an incident occurs.
  • We’ll cover the essentials of information security methods you can use to keep breaches from happening.
  • We’ll help you understand what isn’t a breach and under what circumstances you don’t have to consider breach notification.
  • You’ll find out how to report the smaller breaches (less than 500 individuals), as required, within 60 days of the end of each year.
  • You’ll know why you want to avoid a breach involving more than 500 individuals – media notices, Web site notices, and immediate notification of HHS, including posting on the HHS breach notification “wall of shame” on the Web.• We will describe the most frequent kinds of HIPAA breaches and how they can be prevented
  • We will show the importance of preparation and drills when it comes to breaches

Who should attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer.

Order Below or Call 1-866-458-2965 Today

We Also Recommend
OIG Work Plan 2016: Trends, Reports...

- Duane C. Abbey, Ph.D.

Lessons on Balance Billing & Fee Fo...

- Thomas J. Force, Esq.

The CMS Final Infection Control Wor...

- Sue Dill Calloway, RN, MSN, JD

Case Studies to Reduce Your Complia...

- Elin Baklid-Kunz, MBA, CHC, CPC, CPMA, CCS, AHIMA-Approved

Order Form

(Select the format below)

You can also order through:



About Our Speaker

Jim Sheldon Dean - HIPAA Compliance & Regulations Expert

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.  He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference.  Sheldon-Dean has more...   More Info
More Events By The Speaker

Why AudioEducator?
  • Save money on travel.
  • Meet your specific training needs.
  • Keep learning after the event.
  • Save time training your whole staff.