Show navigation

Available in:

OnDemand Webinar
Audio & Reference Manual
MP3 Download

HIPAA Security Breach Response Plan

If and when protected health information is compromised at your organization, be ready to execute your own security breach response plan.

Many covered entities and business associates who are required to comply with HIPAA as well as other federal and state law requirements protecting the privacy and security of patient information still misunderstand when an incident rises to the level of a Breach and what the required responses are. There also continues to be misunderstanding of how and when a breach occurs in certain contexts, who is responsible for it (i.e., the BA or CE?), who needs to be notified and with whom do the legal and contractual obligations rest. This topic helps the persons responsible for their organization's compliance with HIPAA and other federal and state laws requiring a consistent evaluation of each Security Incident which might compromise Protected Health Information. The material also explains the specific requirements of calculating the 500 or more threshold number of affected individuals for purposes of reporting by a business associate (i.e., per covered entity) and by the covered entity, as well as for purposes of notifying the media (i.e., per jurisdiction). This topic will go into detail and provide you and your organization with a uniquely developed Breach Risk Assessment tool that allows consistent evaluation of HHS Four Factors that are critical to a final determination of whether a breach is reportable to HHS. This information is critical for organizations to hone their breach policies and procedures to prevent under reporting of breaches (which is a HIPAA violation) as well as to over reporting of breaches (i.e., reporting an incident when HIPAA does not legally require it to be reported), which can lead to an unnecessary HHS/OCR investigation.

Runtime: 96 minutes
Purchase Options

More Program Information

Why Lorman?

Over 31 years and 1.4 million customers worth of experience providing continuing education. Our passion is providing you world-class training to help you succeed in business and as a professional.

Agenda

Definitions of Key HIPAA Terms

  • A Detailed Review of Key HIPAA Definitions Will Be Covered: "Breach" "Security Incident" "Protected Health Information" "De-Identified Data"
  • Discussion on How These Definitions Materially Affect Analysis of Whether or Not a Security Incident Rises to the Level of a Breach, and Whether Notification or Other Response Is Required
  • Discussion of Why It Is Critical That Definitions of Such Terms Which Appear in HIPAA Business Associate Agreements Track HIPAA's Definitions

HIPAA Breach Risk Assessment

  • Do You Have a Breach of "500 or More" Affected Individuals? Discussion of HHS's Guidance on How to Calculate the Total Number of Individuals Affected by a Breach (i.e., per Covered Entity). Additional Discussion Regarding How to Calculate Number of Individuals Affected by State/Jurisdiction for Purposes of Media Notices
  • Safe Harbors: "Unintentional"; "Inadvertent"; Not "Reasonably Retained". Overview of the Statutory Carve-Outs Which Permit a Conclusion of "No Breach"
  • Evaluating "Low Probability" PHI Compromised. Detailed Discussion of HHS's Guidelines on How to Evaluate the "Low Probability" Threshold in a Consistent Matter. Overview of the Four Factors Critical to This Assessment, and How to Evaluate the Four Factors in a Consistent Manner. A Deep Dive Into:

- Nature and Extent of Data: Discussion of Minimal PHI? De-Identified Data? Limited Data Sets?

- Nature of Recipient/Unauthorized Individual: Discussion of Cooperative vs. Uncooperative Individuals

- Determining If PHI Was "Acquired" or "Viewed": Discussion of Confirming No Access Through Forensics; HHS's Discussion and Guidance Regarding Whether Deployed Ransomware Is a "Breach"

- Mitigation: Discussion of What Steps Need to Be Taken for "Full Mitigation"; Discussion of Sanitization of External Devices and Accounts That May Have Transmitted and/or Housed Breached PHI, and When Legal Intervention Might Be Appropriate (i.e., Discussion of Successful Interventions by Courts)

- Step-By-Step Work Through of Example Breach Cases Using Oscislawski LLC's Low Probability Assessment Tool to Apply the Four Factor Test and Calculate a "Low Probability Score", and Discussion of How to Use the Low Probability Score in Final Determination of Whether a Breach Is "Reportable" (i.e., Notices Required). (See Sample HIPAA Breach Risk Assessment Tool to Be Provided With Webinar)

Breach Response

  • Discussion of What Are the Breach Notification Requirements and Other Obligations of a Business Associate
  • Discussion of What Are the Breach Notification Requirements and Other Obligations of a Covered Entity, Including Detailed Drill Down on Notifications to HHS (Immediate vs. Annual); Notification to Individual (Incl. State Law Considerations); Notification of Media (What Is Required? and the 500 Individuals per/Jurisdiction Threshold)
Purchase Options

More Program Information

Why Lorman?

Over 31 years and 1.4 million customers worth of experience providing continuing education. Our passion is providing you world-class training to help you succeed in business and as a professional.

Credits

OnDemand Webinar

Applications have not yet been submitted for Delaware, Idaho, Kentucky, Ohio, Oklahoma, South Carolina, and Wyoming CLE for this course. However, if you are interested in obtaining CLE for any of the listed states or have any additional credit questions please email us at ondemandinfo@lorman.com or call us at 866-352-9540.

This course was last revised on May 16, 2018.

Call 1-866-352-9540 for further credit information.

  • AHIMA 1.5 including Privacy & Security 1.5
     
  • This program has been approved for 1.5 continuing education units for use in fulfilling the continuing education requirements of the American Health Information Management Association (AHIMA). Granting prior approval from AHIMA does not constitute endorsement of the program content or its program sponsor.
     
  • AK CLE 1.5
     
  • Alaska attorneys may receive 1.5 hours of continuing legal education for completing this program. Please contact the Alaska Bar Association or go to www.alaskabar.org for details regarding reciprocity with other states.
     
  • AL CLE 1.6
     
  • This course or a portion thereof has been approved by the Alabama State Mandatory Continuing Legal Education Commission for a maximum of 1.6 hours credit.
     
  • Arizona CLE 1.5
     
  • The Arizona State Bar does not pre-approve or pre-certify MCLE programs. However, records of this program and attendance will be maintained by Lorman Education Services for auditing purposes. This activity may qualify for up to 1.5 hours toward your annual CLE requirement for the State Bar of Arizona.
     
  • CA MCLE 1.5
     
  • Lorman Business Center, Inc. is a State Bar of California approved MCLE sponsor and this course qualifies for 1.5 CLE hours of participatory credit.
     
  • CO CLE 2.0
     
  • This program may qualify for 2.0 credit hours through the Colorado Supreme Court Board of Continuing Legal and Judicial Education through reciprocity. This course is accredited in other jurisdictions such as New Jersey. To receive CLE credit for this program, a home study affidavit must be submitted to the Supreme Court Board of Continuing Legal and Judicial Education.
     
  • CT CLE 1.5
     
  • Neither the Connecticut Judicial Branch nor the Commission on Minimum Continuing Legal Education approve or accredit CLE providers or activities. This course has been approved for CLE credit in jurisdictions aside from CT and therefore it automatically meets the content and delivery requirements in Connecticut. Credit is based on a 60 minute credit hour and shall be awarded as follows: 1.5 CLE credit(s).
     
  • HI CLE 1.5
     
  • This program was approved by the Hawaii State Board of Continuing Legal Education for 1.5 CLE credit hours.
     
  • IL CLE 1.5
     
  • This course was approved for a total of 1.5 hours of MCLE Credit by the Illinois MCLE Board.
     
  • ME CLE 1.5
     
  • This course has been approved by the State of Maine Board of Overseers of the Bar. Lawyers who complete this course shall receive 1.5 hours of CLE credit under M. Bar R. 12.
     
  • MS CLE 1.6
     
  • This program has been approved by the Mississippi Commission on Continuing Legal Education for a maximum of 1.6 credit hours.
     
  • MT CLE 1.5
     
  • This program has been approved by the Montana Commission of Continuing Legal Education for a total of 1.5 CLE credits.
     
  • ND CLE 1.5
     
  • North Dakota CLE policy does not allow for pre-approval of any self-study courses. This course may qualify for up to 1.5 hours of CLE credit.
     
  • NH MCLE 1.6
     
  • NH MCLE does not approve or accredit CLE activities for the NH Minimum CLE requirement. Lorman Education Services believes this course meets the requirement of NH Supreme Court Rule 53 and may qualify for CLE credit(s). Program Length: 95 Minutes.
     
  • NJ CLE 1.8
     
  • This program has been approved by the Board on Continuing Legal Education of the Supreme Court of New Jersey for 1.8 hours of total CLE credit.
     
  • NV CLE 1.5
     
  • This program has been approved by the Nevada Board of Continuing Legal Education for 1.5 CLE hours.
     
  • PA CLE 1.5
     
  • This Distance Learning program has been approved by the Pennsylvania Continuing Legal Education Board for 1.5 hours of substantive law, practice and procedure CLE credit.
     
  • RI CLE 1.5
     
  • This program has been approved by the Rhode Island Mandatory Continuing Legal Education Commission for 1.5 hours of CLE credit.
     
  • TN CLE 1.58
     
  • This program has been approved as a distance learning format by the Tennessee Commission on Continuing Legal Education for a maximum of 1.58 hours of credit.
     
  • VT CLE 1.5
     
  • This program has been approved by the Mandatory Continuing Legal Education Board of Vermont for 1.5 hours of self-study CLE credit.
     
  • WA CLE 1.5
     
  • This program has been approved by the Washington State Board of Continuing Legal Education for 1.5 hours of A/V credit under the Law & Legal Procedure category.
     
  • WI CLE 1.5
     
  • This program has been approved by the Board of Bar Examiners for 1.5 hours for use toward the Wisconsin Mandatory CLE requirement.
     
  • WV MCLE 1.8
     
  • This program has been approved by the West Virginia State Bar MCLE Commission for 1.8 MCLE hours.
     

To earn each credit Lorman offers through the OnDemand learning platform, you need to watch 100% of the program. Also, for certain credits you will need to fulfill additional requirements which will be displayed on the "credits" tab when viewing the course.

This program does NOT qualify, nor meet the National Standard for NASBA accreditation.

Audio & Reference Manual

  • Arizona CLE 1.5
     
  • CA MCLE 1.5
     
  • CT CLE 1.5
     
  • GA CLE 1.5
     
  • HI CLE 1.5
     
  • IL CLE 1.5
     
  • ME CLE 1.5
     
  • MT CLE 1.5
     
  • NJ CLE 1.8
     
  • NV CLE 1.5
     
  • VT CLE 1.5
     
  • WA CLE 1.5
     
  • WV MCLE 1.8
     
The CLE Code is ONLY a requirement when applying for CLE Credit in California (for participatory credit), Kansas, New Jersey or New York. Other states do not need to supply the CLE Code to apply for CLE credit.

This program does NOT qualify, nor meet the National Standard for NASBA accreditation.

MP3 Download

  • Arizona CLE 1.5
     
  • CA MCLE 1.5
     
  • CT CLE 1.5
     
  • HI CLE 1.5
     
  • IL CLE 1.5
     
  • ME CLE 1.5
     
  • MT CLE 1.5
     
  • NJ CLE 1.8
     
  • NV CLE 1.5
     
  • VT CLE 1.5
     
  • WA CLE 1.5
     
  • WV MCLE 1.8
     
The CLE Code is ONLY a requirement when applying for CLE Credit in California (for participatory credit), Kansas, New Jersey or New York. Other states do not need to supply the CLE Code to apply for CLE credit.

This program does NOT qualify, nor meet the National Standard for NASBA accreditation.

Purchase Options

More Program Information

Why Lorman?

Over 31 years and 1.4 million customers worth of experience providing continuing education. Our passion is providing you world-class training to help you succeed in business and as a professional.

Faculty

Helen Oscislawski, Esq.

Helen Oscislawski, Esq.

Attorneys at Oscislawski LLC

  • Founding partner, Attorneys at Oscislawski LLC
  • Corporate and regulatory attorney whose practice focuses almost exclusively on advising and representing health care clients
  • Recognized nationally for her substantial experience with and understanding of legal issues that arise with the use of electronic medical records and networked health information exchange
  • In 2008, Governor Corzine appointed her to the New Jersey Health Information Technology Commission to fill the seat reserved by statute for 'an attorney practicing in this State with demonstrated expertise in health privacy' in 2010, Governor Christie reappointed her to the Commission, and she also served as the chair of New Jersey’s Privacy and Security Committee
  • Over the course of her career, she has completed complex legal analyses regarding patient consent issues, privacy standards, security breach response, and other patient-data related challenges
  • Known to many as a 'go to' attorney on HIPAA, health information exchange and technology, and legal advice relating to health care data breaches
  • Currently advises some of the most sophisticated organizations in the nation on all aspects of managing patient privacy and legal risk resulting from data breaches
  • Who’s Who 2017 Top Lawyer, and is also recognized as a Lawyer of Distinction, a designation granted to only the top 10% of attorneys in the nation
  • Speaks regularly at various national events on these topics, as well as maintains a popular blog called 'Legal HIE' (www.legalhie.com)
  • Can be contacted at helen@oscislaw.com
Purchase Options

More Program Information

Why Lorman?

Over 31 years and 1.4 million customers worth of experience providing continuing education. Our passion is providing you world-class training to help you succeed in business and as a professional.

All of your training, right here at Lorman.

Pay once and get a full year of unlimited training in any format, any time!

  • Live Webinars
  • OnDemand Webinars
  • MP3 Downloads
  • Course Manuals
  • Audio Recordings*
  • Executive Reports
  • White Papers and Articles
  • Sponsored Live Webinars

Additional benefits include:

  • State Specific Credit Tracker
  • Members Only Newsletter
  • All-Access Pass Course Concierge

* For audio recordings you only pay shipping

Questions? Call 877-296-2169 to speak with a real person.

Sign Up Today
With This Course

Access to all training products for one year
$699/year

Unlimited Lorman Training

With the All-Access Pass there is no guessing what you will need for your yearly training budget. $699 will cover all of your training needs for an entire year!

Easy Registrations

Once you purchase your All-Access Pass you will never be any further than one-click away from attending any Lorman training course.

Invest in Yourself

You haven't gotten to where you are professionally by luck alone; it's taken a lot of hard work and training. Invest in yourself with the All-Access Pass.

Product ID: 402100
Published 2018
Purchase Options

Available in Multiple Formats

Purchase this course and learn on your schedule!