HIPAA Breach Notification Rule

Duration 90 Mins
Level Basic & Intermediate & Advanced
Webinar ID IQW19C0373

  • The HIPAA definition of a security incident
  • The HIPAA definition of a breach
  • The HIPAA definition of a reportable breach
  • Example of a NIST analysis
  • How do you report a breach, to affected individuals, to DHHS, to others
  • How do you mitigate the harm of a breach to your organization
  • How do you respond if DHHS investigates the breach
  • The HIPAA test for whether a breach is reportable using the National Institute for Standards and Technology (NIST) test

Overview of the webinar

  • What is a security incident
  • What is a security breach
  • What is a reportable security breach
  • How do you respond to investigations by DHHS
  • How do you minimize harm to the subjects of the breach to minimize liability
  • How do you investigate a security incident to determine whether it is a breach
  • How do you report a security breach to minimize liability

Who should attend?

  • HIPAA compliance officers
  • HIPAA security officers
  • HIPAA privacy officers
  • CFOs
  • CEOs
  • COOs
  • CIOs
  • Human resources directors
  • Business office managers
  • Administrators
  • Medical records personnel
  • Health care attorneys
  • Patient accounts managers
  • Billing services
  • Physicians
  • Dentists
  • Pharmacists
  • Occupational therapists
  • Nurses
  • Chiropractors 
  • Business associates
  • Mental and behavioral health professionals
  • Speech language pathologists and audiologists
  • Health information management professionals

Why should you attend?

  • Privacy officers, security officers, compliance officers and healthcare attorneys who may have to decide whether a breach of health information is reportable
  • Absolutely need to know the rules so that they don't expose their covered entities
  • Such healthcare providers and health plans and now business associates of covered entities to seven-figure liability for failure to properly handle such a breach

Faculty - Mr. Jonathan P. Tomes

Jonathan P. Tomes is a national HIPAA compliance consultant and attorney admitted in Illinois, Missouri, Kansas, and Oklahoma who practices in Kansas City, Kansas, and the greater Kansas City area. After he had retired from the U.S. Army as a JAGC officer, having been a military judge (which taught him how to read and interpret government regulations) and having spent several years as a military intelligence officer (which taught him about gathering and using information), he taught law at IIT Chicago-Kent College of Law before he opened his own private law practice. Mr. Tomes is President of EMR Legal, a national HIPAA compliance consulting firm. EMR Legal has consulted and trained over 1,000 HIPAA clients since 1998, ranging from Federal, State and County governments to large hospitals to small practices. Jon is currently working on an online HIPAA training video and an online HIPAA risk assessment.

For group or any booking support, contact: