HIPAA Risk Analysis: Clarified, Explained, Demonstrated
Duration: 90 Minutes
Jocelyn Samuels, the top Federal official in charge of HIPAA enforcement said, "The one critical thing covered entities and business associates must do to ensure compliance with HIPAA’s Privacy Breach, and Security Rules is a HIPAA Risk Analysis - a comprehensive and thorough approach to assessing and addressing the risks to all of the protected health information(PHI) they maintain." Risk Analysis is compulsory; however, 2012 audits found 80% of health care providers failed to comply with this mandatory requirement.
Objectives of the Presentation
Why Should you Attend
- Importance of HIPAA Risk Analysis
- HIPAA Risk Analysis explained in a clear concise step-by-step process
- The elements of a complete HIPAA Risk Analysis - All PHI
- Creating your HIPAA Risk Management Program directly from your HIPAA Risk Analysis
Covered Entities and Business Associates are under intense pressure to do a HIPAA Risk Analysis of the entire PHI they maintain - and have been left on their own to do it.
- HIPAA Rules do not explain how to do a Risk Analysis
- HHS provides 9 pages of guidance, published in 2010 based on recommendations of the National Institute of Standards and Technology (NIST). However, the lengthy, complex NIST recommendations cited by HHS are highly technical and specifically geared to "the computer security community
- A Security Risk Assessment Tool designed only for small medical practices, is available at HealthIT.gov but does not cover the HIPAA Privacy Rule and carries the express warning. Use of this tool is neither required by nor guarantees compliance with federal, state or local laws. No wonder HHS found 80% of health care providers failed to do the Risk Analysis
HIPAA violations are increasing dramatically. 2015 is the "Year of the Breach". Expect both increased government enforcement and private lawsuits in future. This program is specifically designed to protect your organization by explaining and de-mystifying HIPAA Risk Analysis.
- Explain HIPAA Risk Analysis clearly and simply for staff of Covered Entities and Business Associates tasked with doing a HIPAA Risk Analysis who are not members of the computer security community
- Clarify and follow NIST methods without confusing with jargon and complexity
- Cover Risk Analysis of all PHI - not just electronic PHI
- Demonstrate an interactive, intuitive method for completing the Risk Analysis and creating a Risk Management Program to help you jump start compliance
This presentation is designed to enable your organization to perform a complete Risk Analysis of every PHI it creates, receives, maintains or transmits in any format. You will understand and identify threats, vulnerabilities and risks to your organization's PHI wherever it is located.
Who can Benefit
- Health Care Provider - Business Associate
- HIPAA Compliance Officials
- Marketing - Patient Relations Manager
- Health Care Practice Manager
- Risk Manager - Compliance Manager
- Information Systems Manager
- Legal Counsel