Overview:
This lesson is designed to enable your Organization to perform a complete Risk Analysis of all PHI it creates, receives, maintains or transmits in any format. You will understand and identify threats, vulnerabilities and risks to your organization's PHI wherever it is located.
- Explain HIPAA Risk Analysis clearly and simply for staff of Covered Entities and Business Associates tasked with doing a HIPAA Risk Analysis who are not members of "the computer security community"
- Clarify and follow NIST methods without confusing jargon and complexity
- Cover Risk Analysis of all PHI - not just electronic PHI
- Demonstrate an interactive, intuitive method for completing the Risk Analysis and creating a Risk Management Program to help you jump start compliance
Why should you Attend: Covered entities and Business Associates are under intense pressure to do a HIPAA Risk Analysis of all PHI they maintain - and have been left on their own to do it.
- HIPAA Rules do not explain how to do a Risk Analysis
- HHS provides 9 pages of guidance, published in 2010 that "is based on recommendations of the National Institute of Standards and Technology (NIST)" However, the lengthy, complex NIST recommendations cited by HHS are highly technical and specifically geared to "the computer security community"
- A "Security Risk Assessment Tool", designed only for small medical practices, is available at HealthIT.gov but does not cover the HIPAA Privacy Rule and carries the express warning, "Use of this tool is neither required by nor guarantees compliance with federal, state or local laws"
Areas Covered in the Session:
- HIPAA Risk Analysis Importance Explained
- HIPAA Risk Analysis Explained In A Clear Concise Step-by-Step Process
- The Elements OF A Complete HIPAA Risk Analysis - All PHI
- Creating Your HIPAA Risk Management Program Directly From Your HIPAA Risk Analysis
Who Will Benefit:
- HIPAA Compliance Officials
- Marketing - Patient Relations Manager
- Health Care Practice Manager
- Risk Manager - Compliance Manager
- Information Systems Manager
- Legal Counsel