Syllabus
Breach Basics
- Breaches Happen
- Emotional Norming.
- Being Proactive, not just reactive when it comes to incident and breach preparedness.
- HIPAA Breach Notification Rule
- Requirements of the Breach Notification Rule
- Refresher on what constitutes Protected Health Information (PHI) – what must be protected from “impermissible use or disclosure”
- What makes something a HIPAA breach?
- From incident to breach
- Onus of proving an incident was not a breach
- Was an incident a breach?
- Incident risk assessment factors that are required to be evaluated in the event of a breach
- Breach Exceptions
- Breach Issues Beyond HIPAA
- State Data Breach Rules
- Licensing Board Rules
- Breach Realities
- Data and recommendations from HHS Office of Civil Rights Annual Report to Congress on Breaches of Unsecured Protected Health Information
- Breaches Reported
- Breach Causes
- Breach Investigation
- Recommendations/Lessons Learned
- Data and recommendations from HHS Office of Civil Rights Annual Report to Congress on Breaches of Unsecured Protected Health Information
- Incident Investigation, Breach Determination, and Documentation
- Policies & Procedures that Protect: Your Security Incident Response & Breach Notification Policy
- Incident Investigation and Documentation Basics
- Breach Notification & Reporting Timeframes and Requirements
- Large Breaches (500+ impacted individuals)
- Small Breaches (fewer than 500 impacted individuals)
- Breach Reporting
- Safe Harbor from Breach Notification Rule
- Strategies for Preventing & Limiting Breaches