WEBINAR | Managing the Unmanageable in a HIPAA Breach Response (Rising to the Challenge of the Rogue Physician)

Michelle Pendergrass, Chief Compliance Officer/Privacy Officer, Midland Health; Darren Skyles, Member; Courtney Gahm-Oldham, Member, FBT Law; and Stephen Collins, Senior Advisor, Impact Advisors.  The Privacy and Security incident response team from a regional health system comprised of a large acute care facility and several physician corporations shares its story of how the team responded to a complex breach matter involving a physician who abandoned his residence in the middle of the night and left behind patient records in both paper and electronic format, later to be discovered at an estate sale. The incident response team—which included the General Counsel, Compliance Officer, ISO and outside (insurance appointed) cyber security council—devised and refined a meaningful and detailed incident response plan to deal with this complicated matter. The panel addresses how to develop a meaningful incident response plan, through trial and response; how to communicate and navigate the relationship with the cyber security insurer; and the challenges of balancing legal/compliance risk, public relations and communications with senior leadership and stakeholders.