Avoid Massive HIPAA Violation Penalties by Mastering Reporting Rules


You can bet on it. It’s not IF a HIPAA breach will occur at your practice, it’s WHEN!

Failure to report a suspected or confirmed HIPAA breach in a timely manner can create headaches for your practice, including unfavorable publicity, government investigations, potentially large fines and paying for identity theft protection for your practice’s patients.

HIPAA compliance problems due to breaches of Protected Health Information (PHI) occur in practices of all sizes and specialties. It is ‘good medicine’ for your practice to learn and apply HIPAA breach reporting protocols.

This webinar will cover step-by-step, practical actions you can take to correctly report breaches of PHI used or disclosed by your practice.

John Steiner, Jr., JD, CHC, a nationally recognized Compliance Officer, will present this webinar, “Avoid Massive HIPAA Violation Penalties by Mastering Reporting Rules,” on Tuesday, February 25th at 1pm ET.

He will guide you through steps that follow the reporting expectations of the Office of Civil Rights (OCR), the federal agency that enforces HIPAA regulations.

Mr. Steiner developed and implemented those steps on behalf of physician practices, both large and small, during his roles as Chief Compliance Officer and Privacy Officer, including his service with the Cleveland Clinic and faculty practice plans.

Here are a few practical tactics that you can put into place in your practice to help you correctly identify and report HIPAA breaches. These tactics also help you demonstrate your ‘good faith HIPAA compliance efforts’ to OCR, if that becomes necessary.

  • Develop credible, self-disclosure breach reports to better protect your practice;
  • Use a step-by-step breach analysis workflow tool to thoroughly document and report breaches;
  • Carefully assess whether a suspected breach is reportable and when it is not;
  • And much, much more…


Don’t assume that your small medical practice is immune from potentially massive HIPAA breach penalties. There are many cases listed on the OCR website where small practices had to pay hundreds of thousands of dollars in financial penalties.

While timely and accurate reporting of HIPAA breaches may not eliminate an OCR penalty, it can help to significantly reduce the amount of the financial penalty.

Remember, the OCR and patients expect ‘good faith compliance efforts,’ which include procedures that a practice implements and follows.

Those procedures and implementation ‘tools’ are the crux of this upcoming webinar.

Don’t miss it!

Meet Your Expert

John Steiner, Jr., Esq., CHC
Legal and Compliance Leader

Mr. Steiner is a highly experienced and accomplished legal and compliance leader in the health services industry. Over his 40-year career, he has served in leadership roles as Chief Compliance Officer, Privacy Officer, and Legal Counsel for health care providers, including the Cleveland Clinic and the University of Kentucky HealthCare system. He also served as Senior Counsel for the American Hospital Association and worked extensively with federal agencies responsible for drafting and enforcing various regulatory programs, including the Office of Inspector General of the Department of Health and Human Services.

In his role as Privacy Officer for three health systems during his career, Mr. Steiner directed the design, implementation and administration of the Privacy Rule compliance programs. In that capacity, he worked collaboratively across each enterprise to educate members of the workforce on their HIPAA responsibilities, including methods for identifying and responding to perceived or actual HIPAA breaches.

He received his Juris Doctor, cum laude, from the Illinois Institute of Technology, Chicago-Kent College of Law, Chicago, Illinois. He received his B.A. from The Johns Hopkins University, Baltimore, MD, and a Certificate from The Johns Hopkins School of Advanced International Studies, Bologna, Italy.

Mr. Steiner is a frequent presenter on health law compliance topics and is a nationally recognized author and editor. From 2003 to 2019, he served as the General Editor and contributor to the annual Wolters Kluwer publication: Health Law and Compliance Update.