Performing your Annual HIPAA Security Risk Assessment

Website https://www.traininng.com/webinar/performing-your-annual-hipaa-security-risk-assessment-200586live?o | Edit Freely

Category Online Professional Trainings;Hipaa Security Rule;Hipaa Risk Assessment

Deadline: January 31, 2019 | Date: February 01, 2019

Venue/Country: Online, U.S.A

Updated: 2019-01-09 16:00:31 (GMT+9)

Call For Papers - CFP

In September of 2017, OCR shared preliminary results of their Phase 2, nation-wide, HIPAA Audits.

As it relates to HIPAA Security Risk Analysis and Management the results were pretty shocking.

OCR reported that 83% of those they audited had a score of "inadequate" or "failure" on their performance of an information security risk analysis while 94% had a score of "inadequate" or "failure" on their efforts of establishing or maintaining an information security risk management plan.

A couple months ago the OCR announced their $3.5 million settlement with Fresenius Medical Care North America (FMCNA). The main reason cited by the OCR was that Fresenius "failed to heed HIPAA’s risk analysis and risk management rules." OCR Director Roger Severino had some very clear and strong words about the importance of performing a HIPAA Security Risk Analysis.

He said, "The number of breaches, involving a variety of locations and vulnerabilities, highlights why there is no substitute for an enterprise-wide risk analysis for a covered entity. Covered entities must take a thorough look at their internal policies and procedures to ensure they are protecting their patients' health information in accordance with the law."

Why should you Attend

HIPAA enforcement is on the rise. The primary enforcement body is the U.S. Health and Human Services (HHS) Office for Civil Rights (OCR).

They've warned that the most common HIPAA compliance error they consistently see is failure to perform an adequate HIPAA Security Risk Analysis. If health care organizations participated in Meaningful Use or MACRA (The Medicare Access and CHIP Reauthorization Act of 2015) then they are required to annually certify to performing a HIPAA Security Risk Analysis.

Even if an organization did not participate in these programs, if they are required to comply with HIPAA then they need to perform this analysis periodically.

Areas Covered in the Session

Recent enforcement and fines resulting from HIPAA Security Risk Analysis failures

Outlook of future enforcement

HIPAA Security Risk Analysis requirements

How to perform a HIPAA Security Risk Analysis

Remediating findings from the risk analysis

Who Will Benefit

Any Healthcare Organization that is required to follow HIPAA

Physician Practices Participating in MACRA

Hospitals and Organizations that Accepted Government Financial Incentives to Implement Electronic Health Records

Compliance Officer

HIPAA Privacy and Security Officers