Breach Notification: Create an Incident Response Plan to Comply with HITECH
Product Description:
Webcast on CD or On-Demand
Sponsored by: Briefings on HIPAA
presented July 15, 2010
No matter how strong your security and privacy policies are, chances are good your organization will face a breach at some point. And that could bring a government audit, public scrutiny, and subsequent penalties and fines.
During this two-hour webcast, our experts discuss what covered entities are required to do to meet new enforceable breach notification requirements. You'll learn how to create or strengthen your incident response plan and implement it across your organization.
LEARNING OBJECTIVES
At the conclusion of this webcast, you will be able to:
- Identify breach notification laws and rules
- Implement breach notification steps in an incident response plan
- Establish a process for determining harm when a breach occurs
- Identify common sources of breaches
TAKE A LOOK AT THE AGENDA
- Breach notification background
- Breach notification laws
- Overview of HITECH and final rule
- Key definitions
- Incident response plan
- HIPAA requirements
- Common components of incident response
- Incident response team
- Appropriate definition of “incident”
- Training needs
- Breach notification requirements
- Breach response steps
- Identify suspected breach
- Assess for safe harbor
- Determine harm
- Notify appropriate parties
- New harm threshold
- Definition of harm
- How to determine harm to patients
- How to perform the harm risk assessment
- Examples and guidelines
- Summary of posted breaches
- Types of CEs
- Types of breaches
- Lessons learned from Healthnet, Griffin Hospital breach response
- Case study: Maryvale Hospital
- Flowchart of response
- Data transfer monitoring or metering
- Monitoring of IP addresses
- Logs of unsuccessful attempts to access Intranet areas
- Question and answer session
BONUS TOOLS
With this webcast, you'll receive a slide presentation of the program materials and valuable takeaways, which you can use at your facility, including:
- Incident response resources and references
- Harm threshold tool from NCHICA
MEET THE SPEAKERS
Kate Borten, CISSP, CISM, is president of The Marblehead Group of Marblehead, MA. She provides privacy and security assessments, regulatory compliance audits, and program development guidance to clients across the healthcare industry. She is a nationally-recognized expert on HIPAA and health information privacy and security, and a frequent speaker on these topics. She is the author of HIPAA Security Made Simple, The HIPAA and HITECH Toolkit, the 2009 HIPAA Training Handbook series, all from HCPro, Inc., and is a member of HCPro's Briefings on HIPAA editorial advisory board.
Frank Ruelas, MBA, is the director of Compliance and Risk Management and the Privacy Officer for Maryvale Hospital in Phoenix, AZ. He is the principal of www.hipaabootcamp.com where he works with covered entities of all sizes and configurations in promoting their compliance with HIPAA and more recently the newly-established requirements brought about by the HITECH Act. He is a frequent speaker at various local, regional, and national conferences on the topics of complying with HIPAA, the HITECH Act, and strategies to address data breaches within the covered entity setting.
WHO SHOULD LISTEN?
Privacy officers, information security officers, compliance officers, HIM and medical records directors, CEO, CIO, health IT professionals, health IT vendors and other business associates.
WEBCAST ON-DEMAND
We are pleased to offer a new option: webcast on-demand. When you purchase a webcast on-demand, you will be able to view the program anywhere and any time by logging into your account. It's a perfect training tool for new staff or a refresher for veteran staff.
Product Types : Departments :
