HIPAA Risk Analysis

Recorded Webinar | Jonathan P. Tomes | From: Jul 16, 2020 - To: Dec 31, 2020

Training Options & Pricing

Error Conference Exists In Wish-list.

Congrats Conference Added In Wish-list.

Recording     $259
DVD     $269
Recording + DVD     $489
Transcript (Pdf)     $259
Recording & Transcript (Pdf)     $479
DVD & Transcript (Pdf)     $489


Description
  • Introduction—the current state of HIPAA enforcement
  • What is risk analysis
  • The requirement to perform a risk analysis
  • Sanctions for failure to perform a risk analysis
  • How to conduct a risk analysis
  • Assemble a good team
  • Identify assets
  • Determine risks to those assets
  • Quantify risks to those assets
  • Select reasonable, appropriate, and cost-effective security measures
  • Test and revise your security measures
  • The requirement to update your risk analysis
  • The requirement to document your risk analysis

Learning Objectives:-

  • What is a risk analysis
  • Why must you conduct (and update) a risk analysis
  • The penalties for not conducting a written risk analysis
  • Who should conduct the risk analysis
  • What assets or activities should you perform a risk analysis of
  • What tools are available to help conduct a risk analysis
  • How to determine what risks exist
  • How to quantify the risks—how likely are they to occur and how serious are they
  • How to select reasonable, appropriate, and cost-effective security measures
  • How to document your risk analysis
  • When to update your risk analysis

Why should You Attend?

  • Risk analysis is the key to implementing reasonable cost-effective security measures
  • Risk analysis is required by the HIPAA Security Rule
  • Risk analysis is how to determine whether you must implement an addressable implementation specification, such as encryption
  • And failure to conduct and update risk analyses are the single biggest cause of Health and Human Services imposed civil money penalties of up to several million dollars
  • Any breach resulting from failure to conduct a risk analysis constitutes willful neglect, which carries the highest fines and must be investigated by HHS
  • And failure to conduct one has other effects as well—remediation and mitigation (lessening the harm of) costs, bad publicity, lost business and the like
  • HIPAA does not specify how to do a risk analysis

Who Should Attend?

  • Privacy Officers
  • Security Officers
  • Compliance Officers
  • Medical Records Administrators
  • Health Information Management Directors
  • Office Managers
  • Heads of Practices
  • Healthcare in-House Counsel
  • HIPAA consultants