Professional Guidance on Conducting a Comprehensive HIPAA Risk Analysis
Duration : 60 Minutes
Roya Camille Keyan,
Roya Camille Keyan established HR Advisory Group Ltd in 2005 to address the growing need for expert, accessible, outsourced regulatory compliance, healthcare and human resource needs of organizations lacking HR departments as well as those needing additional support. Ms. Keyan has over twenty-five Read more
A HIPAA Risk Analysis is one of the most important steps for Covered Entities (CE) to undertake in ensuring HIPAA compliance.
The Risk Analysis is the critical and foundational, federally mandated first step in the development and maintenance of your HIPAA compliance program, and is a step that many CE's do overlook, which can be both risky and quite costly. Failure to conduct a thorough and comprehensive risk assessment has been a consistently cited deficiency in an overwhelming number of recent HIPAA enforcement cases, demonstrating that this step is extremely challenging for organizations.
Course Objectives:
HIPAA requires a comprehensive, customized, enterprise-wide risk analysis that looks into all systems that touch protected health information, including billing systems, email and other requirements. This critical step becomes the basis for your HIPAA program to pinpoint your organization's vulnerabilities and deficiencies.
Far too many health providers believe that if they honor their obligation of maintaining client confidentiality, they will be HIPAA compliant. In addition, many also believe that if their electronic health record provider promises HIPAA compliance, they will HIPAA compliant. Unfortunately, these are commonly held, as well as dangerous myths. The reality is that HIPAA is far more complex than most entities realize, requiring continual, ongoing efforts to protect patient information.
HIPAA has very specific privacy requirements for managing protected health information that reaches far beyond the familiar Notice of Privacy Practices, and HIPAA security regulations also compel providers to consider all electronic (and paper) aspects of their practice.
Course Outline:
• Definition of the Key Steps and Components in a Comprehensive Risk Assessment
• Understand the expectations of the Office of Civil Rights (OCR)
• Identifying Vulnerabilities, Threats, and Risk
• Identification of Risk Management and Security Measures
• Development and Implementation of Required Sanctions and Protocols
• Implementation of required procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports
• and more
What You Get:
• Training Materials
• Live Q&A Session with our Expert
• Participation Certificate
• Access to Signup Community (Optional)
• Reward Points
Who Will Benefit:
• Compliance Director
• Healthcare Compliance Personnel
• Security and Privacy Professional
• Information Systems Manager
• HIPAA Officer
• Chief Information Officer
• Health Information Manager
• Healthcare Counsel/lawyer
• Contracts Manager
• Business Owners
• Executive Management
• Board Members
• Physicians
• Health Care Administrators
• Practice Managers
• Billing Practices
• Business Associates
• Compliance Professionals
• Risk Managers
Please reach us at 1-888-844-8963 for any further assistance or if you wish to register
