
HIPAA- How To Avoid Data Breach

For more details visit us at: http://www.complianceonline.com/the-new-hipaa-audit-program-focus-webinar-training-703180-prdw?channel=ppt-slideserve


Presentation Transcript


  1. HIPAA- How To Avoid Data Breach?

  2. What is HIPAA?
     • HIPAA: Health Insurance Portability and Accountability Act
     • It was passed by Congress in 1996
     • It includes requirements for:
       • Transfer and continuation of health insurance coverage for millions of American workers and their families when they change or lose their jobs
       • Reducing healthcare fraud and waste
       • The protection and confidential handling of protected health information (PHI)

  3. HIPAA Breach Notification Rule
     • What is a breach?
       • A breach is an impermissible use or disclosure that compromises the security or privacy of PHI and poses a significant risk of financial, reputational, or other harm to the affected individual.
     • Breach notification is necessary in all situations except those in which the covered entity or business associate demonstrates that there is a low probability that the PHI has been compromised.

  4. What to Do When You Have a Breach?
     • You have to notify the affected individual immediately in case of a breach
     • You should notify the same day the breach has been identified or within a maximum of 60 days
     • The notice, in plain language, should include:
       • What happened: date of breach and discovery
       • What information was breached
       • What steps the affected individual should take to protect him/herself
       • What the covered entity is doing about it:
         • Investigating the incident
         • Mitigating the impact
         • Steps taken to protect against any future incidents
       • Contact information: a toll-free number, email and postal address, or a specific website where the individual can get more information or advice, or give feedback

  5. What to Do In Case of Large Breaches?
     • If the ePHI of more than 500 residents of a jurisdiction has been breached, the media should be notified in addition to notifying the affected individuals.
     • The Secretary of the HHS should also be notified through the breach report form on the HHS website.

  6. How to Prevent Breaches?
     • Eliminate unnecessary data and keep strict controls on the remaining
     • Ensure essential controls are met
     • Assess remote access services
     • Test and review web applications
     • Audit user accounts and monitor privileged activity
     • Monitor and mine event logs

  7. Want to learn more about HIPAA, the HIPAA Privacy and Security Rule, its requirements, and best practices to comply with them? ComplianceOnline webinars and seminars are a great training resource. Check out the following links:
     • How to examine security policies, practices, and risk issues to comply with HIPAA
     • How to use social media and texting without breaking HIPAA rules
     • How to conduct risk analysis to comply with HIPAA
     • HIPAA/HITECH Assessment for Healthcare Business Associates
     • How to comply with HIPAA Omnibus Rule
     • Understanding new rules and responsibilities of Privacy Officer under HIPAA
     • HIPAA Security and Breach Rule Compliance
