How to Conduct a HIPAA Risk Assessment
Overview:
 |
"This Course is approved for 1 general credit from the Nevada Board Of Continuing Legal Education." |
Overview: Understanding the proper methodologies on conducting a HIPAA Risk Assessment based on the requirements of the HIPAA Security Rule is critical for any organization. The U.S.Department of Health and Human Services requires all organizations handling protected health information (PHI), including HIPAA hosting providers, to conduct a risk assessment as the first step toward implementing safeguards specified in the HIPAA Security Rule, and ultimately achieving HIPAA compliance.
This webinar will cover concepts involved in a security risk analysis and overall risk management. Sample assessment questions will be reviewed and guidance provided on how to make risk level determinations based on responses. Documenting the results of the risk assessment will covered. If your healthcare practice or business needs to understand how to conduct a HIPAA Risk Assessment, please join us for this informative and interactive session.
Why should you Attend: With a substantial increase HIPAA data breaches and increased government enforcement, organizations must understand how to conduct a HIPAA Risk Assessment.
The HIPAA Security Rule requires entities to evaluate risks and vulnerabilities in their environments and to implement reasonable and appropriate security measures to protect against reasonably anticipated threats or hazards to the security or integrity of e-PHI. The risk assessment is the first step in that process.
Areas Covered in the Session:
- Why was HIPAA created?
- Who Must Comply with HIPAA Requirements?
- What is the HIPAA Security Rule?
- What policies and procedures must be in place
- Risk assessment methodology
- Elements of a risk assessment
- NIST Cybersecurity Crosswalk for the HIPAA
- What are "Required" and "Addressable" Implementation Specifications?
- What are Administrative, Technical, and Physical Safeguards Requirements?
- What are the penalties and fines for non-compliance and how to avoid them
- Q&A
Who Will Benefit:
- Compliance Officer
- HIPAA Privacy Officer
- HIPAA Security Officer
- Medical/Dental Office Managers
- Practice Managers
- Information Systems Manager
- Chief Information Officer
- General Counsel/Lawyer
- Practice Management Consultants
Speaker Profile
Jay Hodes president of Colington Security Consulting, LLC, which provides HIPAA consulting services for healthcare providers and business associates. Mr. Hodes has over 30 years of combined experience in risk assessments, site security evaluation, regulatory compliance, policy and procedures assessments, and federal law enforcement management. He is the former Assistant Inspector General for Investigations at the U.S. Department of Health and Human Services.
Mr. Hodes has been the keynote speaker and provided presentations regarding HIPAA compliance to a number of professional healthcare organizations. He has published over 30 educational articles regarding HIPAA compliance, been featured in Part B news articles and provided a guest post for the Electronic Health Reporter.
Mr. Hodes has been the keynote speaker and provided presentations regarding HIPAA compliance to a number of professional healthcare organizations. He has published over 30 educational articles regarding HIPAA compliance, been featured in Part B news articles and provided a guest post for the Electronic Health Reporter.