(Recorded Webinar) What to Do When Your Business Associate Experiences a Breach

Duration: 60 minutes
Recorded on: May 21, 2024

As a HIPAA covered entity, your health center thought it had protected itself when disclosing protected health information (PHI) to a business associate by executing a business associate agreement (BAA) with all the HIPAA required provisions. Everything seemed fine…until the business associate experienced a breach. Maybe your health center knew immediately because access to the systems or services provided by the business associate stopped or slowed or maybe the business associate notified your health center of a “potential security incident” it is investigating.

Given the increased number in cybersecurity attacks and the growing reliance on business associates to provide various functions, activities and services for health centers, this webinar will prepare health centers to respond when a business associate experiences a breach. The presentation will cover determining whether the health center or the business associate should make the breach-related HIPAA notifications, whether to notify the health center’s cybersecurity insurance carrier, and whether the health center should continue to contract with the business associate after a breach. The presentation will also include guidance on BAA provisions that can protect health centers should their business associate experience a breach.  Join us for this timely discussion on how to protect your health center when a business associate experiences a breach.   

Please note: Health Center Compliance Premium Plan Subscribers receive a 10% discount when registering for this webinar. For more information on our Premium Plan, click here or contact us.

Target Audience

  • HIPAA Privacy Officers
  • HIPAA Security Officers
  • Compliance Officers
  • Health Center Directors
  • Medical records staff
  • Administrative and/or office staff

Learning Objectives

After this webinar, you will be able to:

  • Determine whether to accept a business associate’s offer to make breach-related HIPAA notifications
  • Evaluate whether to terminate a contract with a business associate after a breach
  • Update your health center’s BAA template with provisions that protect your health center should your business associate experience a breach
Course summary
Available credit: 
  • 1.00 Certificate of Attendance
Course opens: 
Course expires: 

Dianne Pledgie

Dianne Pledgie serves as Partner and Compliance Counsel with the firm’s Health Care practice group, Dianne advises health centers on implementing effective compliance programs and on addressing top compliance risk areas. Dianne counsels health centers and other organizations on developing compliance programs that include the OIG’s seven elements, respond to identified compliance risk areas, and reflect the organization’s culture. Dianne also advises health centers and other organizations on patient privacy and confidentiality, including the HIPAA Privacy Rule and 42 CFR Part 2. She has experience responding to privacy and security incidents, including determining whether there has been a breach, notifying patients and the government, and creating corrective action plans. [Full Bio]

Certificates of Attendance: We verify attendance upon completion of a webinar (live or recorded version) and will only issue certificates in the name of the account holder enrolled in the course. If you need to document attendance for someone other than the account holder, we provide blank Certificates of Attendance for a supervisor to sign and certify that a different individual viewed the course. 

Group Attendance: Due to the online nature of webinars, we cannot verify participation by more than one person. For groups, we provide an attendance record form and blank Certificates of Attendance to record attendance at a group viewing session and document each individual's participation. We recommend that a supervisor or colleague sign the certificate to certify attendance. 

Read more about maintaining an attendance record in our FAQs.

Available Credit

  • 1.00 Certificate of Attendance


Please login or register to take this course.


Recorded webinars are available for 90 days after the date of purchase or date of the webinar. Once posted to your account, you can view this webinar anytime on-demand during the access period identified in your purchase confirmation. For additional information on viewing and accessing webinars, view our full terms and conditions here.


If you pay by credit card or PayPal, you will be able to access the recorded webinar immediately (unless the live webinar has not yet occurred). If you pay by check, we will grant access to the recording when we receive your check. You will receive a confirmation email once access is granted. Feldesman Training Solutions reserves the right to suspend access to the webinar if payment is not received within 30 days. For more information on payments and registration, please visit our FAQ page.


No refunds will be provided for recorded webinars. Feldesman Training Solutions can transfer a registration to someone else within your organization or, provided you have not already viewed the webinar, transfer the registration to another on-demand program. Where the registration fee for the new webinar is higher, you must also pay the difference between the original course and the new course registration fee at the time of transfer. Administrative fees may also apply. If your organization purchased a webinar under the account of a staff member who no longer works for your organization, please contact us. View our full policy on refunds and cancellations here.

Required Hardware/Software

Google Chrome and Mozilla Firefox are the preferred browsers.