HIPAA Breach Evaluation and Reporting – What Qualifies as a Reportable Breach and How to Report It

Event Information
Product Format
Prerecorded Event
60 minutes
Product Description

Learn What Qualifies as a Reportable HIPAA Breach and How to Report It

As a HIPAA covered entity, your medical establishment is required to investigate any security and privacy incident to find out whether an impermissible use or disclosure of protected health information (PHI) is a breach. Determining whether to report or not is not easy, and if the evaluation is not done correctly, you may have to pay penalties – even for small breaches – because the HHS’ regional offices are actively looking for them.

In this audio session, industry expert Jim Sheldon-Dean will show you how to create the right breach notification policy, and how to follow through when an incident occurs. Sheldon-Dean will use examples to demonstrate whether or not to report an incident as a breach, and instruct you on what steps to take when evaluating a breach.

Catch up on the US Department of Health and Human Services’ guidance on how to encrypt and prevent the need for notification in the event of lost data. Find out the four key factors to consider during risk analysis: what the data is and how well identified it is; to whom was it released and do they have obligations to protect the information; whether or not the information actually exposed; and whether or not the incident has been mitigated properly.

Understand what isn’t a breach, and under what circumstances you don’t have to consider breach notification. Learn how to report the smaller breaches (less than 500 individuals), and get clear about the consequences of a breach involving more than 500 individuals – such as media notices, Web site notices, and immediate notification by HHS, including posting on the HHS breach notification “wall of shame” on the Web. Explore the historical analysis of reported breaches and information security trends, find out how to protect information from the most common threats, and understand what kinds of efforts you should make in the future to protect the security of PHI. 

After attending this information-packed session, you will be able to create the right HIPAA breach notification policy, and know how to follow through when an incident occurs. Plus, you’ll be confident in your ability to avoid noncompliance penalties.

Session Highlights

Here’s a taste of what this session will cover:

  • Definition of a breach under HIPAA
  • Privacy violation
  • Exceptions to the definition of a breach
  • What is good enough encryption according to the rules
  • How to perform risk analysis to determine the necessity to report
  • When to report ransomware and breaches
  • How to avoid breaches
  • The most common causes of breaches
  • How to report breaches to the HHS and individuals
  • How to breaches to the press and other agencies
  • How to document your analysis and decisions

Session Agenda

  • HIPAA privacy and security rules
  • What is a HIPAA breach?
  • Learning from past breaches
  • Reliance on the privacy rule and security rule
  • Exceptions to reporting
  • Issues with ransomware
  • Responding to a ransomware attack
  • Process for evaluating an incident that may be a reportable breach
  • Requirements for reporting large and small breaches
  • What should be included in a report

Who Should Attend

  • Compliance directors
  • CEOs and CFOs
  • Privacy officers
  • Security officers
  • Information systems managers
  • HIPAA officers
  • Compliance officers
  • Chief information officers
  • Health information managers
  • Healthcare counsels/lawyers
  • Office managers
  • Contract managers

Order Below or Call 1-844-384-4744 Today

We Also Recommend
You can also order through:




About Our Speaker

Jim Sheldon Dean - HIPAA Compliance & Regulations Expert

Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis. He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...   More Info
More Events By The Speaker

Why AudioEducator?
  • Save money on travel.
  • Meet your specific training needs.
  • Keep learning after the event.
  • Save time training your whole staff.
Join Our Mailing List
Our Accreditation Partners
Facebook Twitter Linkedin Youtube RSS Feeds Google Plus
Audio Educator


Dear Valued Customers


We regret to announce that ProEdTech LLC and all its affiliate brands will cease operations on April 1, 2019.


We are no longer able to fulfill online orders. We will fullfill all DVD and book orders already placed.


Customers of canceled webinars and subscription products may request a refund at (800) 223-8720 or service@proedtech.com. You must do so by April 1, 2019.


Thank you for your business and loyalty over the years. We sincerely apologize for any inconvenience caused.


Best regards,

The ProEdTech Team