HIPAA for the Small Provider

Session 1: 

Presenters: Hyla Schreurs and Rachel Lips

General Information

  • OCR Overview
  • Who is Covered by HIPAA (Covered Entities and Business Associates)
  • • How the compliance process works

Privacy Rule

  • What is and isn’t PHI 
  • Permitted Uses and Disclosures
  • Incidental Disclosures
  • Minimum Necessary Standard
  • Authorizations
  • Marketing
  • Administrative Requirements (Designate a Privacy Officer, Designate Person/Office to Receive Complaints, Provide Training, Develop and Implement Policies and Procedures)
  • Covered entities’ duties

Session 2:

Presenters: Hyla Schreurs and Emily Prehm

  • Individual Rights (NPP, Access, Amendment, Accounting, Alternative Communications, Request Restriction, Complaints to the CE and OCR)

Session 3:
Presenters: Meghana Shah and Karel Hadacek
Security Rule

  • Definitions/General Rules
  • What is Covered
  • Standards and Implementation Specifications
  • Administrative Safeguards
  • Physical and Technical Safeguards
  • Organization Requirements
  • Security Rule Resources

Session 4: 
Presenters: Emily Prehm and Rachel Lips
Breach Notification Rule

  • Definition of Breach
  • Notification to the Individual, Media, and HHS
  • Breach Highlights
  • What Happens when HHS/OCR receives a Breach Report


  • Compliance Trends/Challenges
  • Complaint Process/Enforcement Process
  • Recent Enforcement Actions and General Enforcement Highlights
  • Compliance Challenges

Breach and Enforcement examples

Hyla Schreurs, J.D.

Supervisory Equal Opportunity Specialist

Rachel Lips, J.D.

Equal Opportunity Specialist

Emily Prehm, J.D.

Equal Opportunity Specialist

Meghana Shah, J.D.

Equal Opportunity Specialist

Karel Hadacek, J.D.

Equal Opportunity Specialist


HIPAA for the Small Provider Part 1
Open to view video.
Open to view video. The webinar will cover what is and isn't protected health information (PHI), permitted uses and disclosures, authorizations, administrative requirements and more. Attendees will gain an understanding of their regulatory obligations and how the compliance process works.
HIPAA for the Small Provider Part 2
Open to view video.
Open to view video. The webinar will cover Notices for Privacy Practices (NPP), accounting, alternative communications, request restrictions and more.
HIPAA for the Small Provider Part 3
Open to view video.
Open to view video. This webinar will cover standards and implementation specifications, organization requirements, administrative safeguards, physical and technical safeguards and more.
HIPAA for the Small Provider Part 4
Open to view video.
Open to view video. This webinar will cover the definition of breach and appropriate ways to notify individuals, media, and HHS. Additionally, attendees will learn about recent enforcement actions, compliance trends and compliance challenges.