Skip to main content

How to Conduct a HIPAA Security Risk Assessment per NIST guidance


Overview
This course will cover the proper methodologies on conducting a HIPAA Risk Assessment based on the formula used by Federal auditors and via the guidelines of the NIST (National Institute of Standard for Technologies). The course will also cover the most important aspects to be aware of in terms of the Federal auditing process as well as the new risks regarding patients suing for wrongful disclosures.
Why should you attend this webinar?
Have your done a HIPAA Security Risk Assessment? What about a full scope HIPAA Security/Privacy Risk Assessment?
Do you know a risk assessment is the first thing the Feds will ask for in an OCR audit and may also be required should litigation be brought against the organization?
Is your risk assessment adequate?
Do you have written policies in place for every single one of the implementation specification of the HIPAA Security Rule (even ones that don't apply) - do you know this is required!!
I will show how to conduct a PROPER risk assessment point by point and how to also avoid scams in the market. We will also be discussing the absolute importance of doing a risk assessment and that this is the first thing the OCR will ask for. I will instruct the listeners on how to write proper policies and procedures which are to be based upon the findings of the risk assessment and how to word the policies to satisfy the Fed. We will also discuss the importance of having policies which are consistent with your procedures and also discuss the negative ramification of cookie cutter templates in the eyes of the Federal government.
Areas Covered in the Session:
  • Updates for 2018
  • Policies and Procedures
  • Risks
  • Business associates and the increased burden
  • Conduct a NIST based HIPAA Security Risk Assessment for a hypothetical organization
  • Practice managers
  • Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc)
  • MD's and other medical professionals
Who can Benefit:

  • Private practice
  • Hospitals
  • Billing companies
  • Transcriptions companies
  • Home health groups
  • Health insurance
  • Ambulatory
  • IT companies
  • Attorneys
  • Practice Managers Associations
  • Healthcare and any entities doing business with healthcare as "business associate"

Comments

Popular posts from this blog

New 2019 HIPAA Guidance on De-Identifying Protected Health Information

Compliance Key  -   HIPAA Compliance Training Overview This seminar will be addressing how practice/business managers or compliance officers need to get their HIPAA house in order, as HIPAA is now fully enforced and the government is not using kid gloves anymore. It will also address major 2019 changes taking place with the Health and Human Services regarding the enforcement of the HIPAA law as well as detailed discussions on the Phase 2 audit process and current events regarding HIPAA cases (both in courtrooms and from real-life Audits). Our instructor - Mr. Brian Tuttle  has over 20 years of experience in working as Compliance auditor and has been an expert witness on multiple HIPAA cases. He`ll thoroughly explain on HOW and in WHAT scenarios patients can claim for cash remedies. More importantly, Brian will show you how to limit those risks by simply taking proactive steps and utilizing best practices. Why should you attend this seminar? This Sem...

Classifying Medical Devices in US and EU

Compliance Key INC  -  Healthcare Compliance Webinars Overview The Food and Drug Administration (FDA) has established classifications for approximately 1,700 different generic types of devices and grouped them into 16 medical specialties referred to as panels. Each of these generic types of devices is assigned to one of three regulatory classes based on the level of control necessary to assure the safety and effectiveness of the device.The determination process, how you apply the classification process to your device, is complex and requires several levels of analysis to make the proper device classification. Proper medical device classification is the fundamental first step in submitting your device for approval anywhere in the world. This webinar will detail the medical device classification process for the United States through the FDA and will overview the very complex process for medical device classification within the EU. Specifically, this webinar will provid...

HIPAA Compliance with the New Omnibus Rule: How to Pass an Audit to Avoid Penalties and Criminal Convictions

Compliance Key INC  -  H ipaa webinar                                           Jonathan P. Tomes Jonathan P. Tomes , J.D., is Keynote Speaker at Compliance key Inc. He is a health care attorney practicing in the greater Kansas City.   Webinar Id:   HIPHJPT001  2:30 PM PT | 03:30 PM ET    01/18/2018  Duration: 60 mins  Overview Before the HITECH Act, DHHS could audit covered entities for HIPAA compliance, but did not have to. With that Act, now the must audit those entities and business associates as well. In the first audits, the Phase I audits, DHHS came on site. The subsequent Phase II audits, however, were paper audits in which those audited had to provide documentation of their compliance. As yet, we do not know what form Phase III will take, but the necessary actions to prepar...