Guidance of the Process used in Breach Investigations presented at ISSA 2015

by Megan Yelorda,

Summary : In this presentation, the topic of what constitutes a breach will be discussed, as well as the breach reporting requirements that Covered Entities (CE) must adhere to. Also, guidance on OCR’s investigative process once a breach is reported will be provided. This guidance will include general information regarding which breaches OCR investigates, how OCR determines what information to obtain from a CE throughout the course of a breach investigation, and how OCR resolves breach investigations. Additionally, the submission, investigation, and resolution of a hypothetical breach report as a case study will be discussed.