HIPAA Security Rule Compliance - Risk Analysis and Documentation are Keys to Compliance

Why Should You Attend:

As per HIPAA Security Rule, each entity must undertake a complete and thorough analysis of risks to the confidentiality, integrity, and availability of electronic protected health information, and implement the policies and procedures appropriate for that organization to mitigate risks as necessary. Every organization is different and the rule covers everything from small offices to large healthcare providers with thousands of employees and dozens of locations, and what is appropriate for each entity can vary widely, depending on the systems used and how business is done. The risk analysis is a key tool for guiding entities as they decide how to allocate scarce resources to most effectively reduce security risks.

Attention to the HIPAA Security Rule requirements for Risk Analysis and documentation of compliance activity is more important than ever, especially given the risks of using new technologies, such as texting and social networking, and the increased risks and costs of breaches of electronic protected health information. A complete suite of policies is necessary, especially including policies for managing incidents and potential breaches. Audits now being performed randomly require the production of significant documentation to show the proper adoption and use of policies and procedures.

Attend this 90-minute webinar to understand the framework of security policies, the elements of HIPAA security risk analysis, tools and techniques of creating, documenting, managing policies. How to have the policies adopted across organizations will be presented. How HIPAA audit protocol can be used as a compliance tool will be explained.

Note: A comprehensive 3-hr training CD on the same topic is available here.

Areas Covered in the Webinar:

• The requirements of the HIPAA Security Rule will be presented.
• The elements of a HIPAA Security Risk Analysis will be explained.
• A framework of security polices will be presented.
• Typical policy considerations for laptops and portable devices, and their security, will be discussed.
• We will discuss how to use Risk Analysis to deal with difficult compliance issues, such as texting and social networking.
• Tools to be used for policy management and documentation will be presented.
• How to adopt policies, train on them, and conduct drills on them will be discussed.
• The HIPAA Audit Protocol will be presented, and its use as a compliance tool will be explained.

Who will Benefit:

This webinar will benefit following organizations - Medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc). the titles are

• Compliance director
• CEO
• CFO
• Privacy Officer
• Security Officer
• Information Systems Manager
• HIPAA Officer
• Chief Information Officer
• Health Information Manager
• Healthcare Counsel/lawyer
• Office Manager
• Contracts Manager

Instructor Profile:

Jim Sheldon-Dean, is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a variety of health care providers, businesses, universities, small and large hospitals, urban and rural mental health and social service agencies, health insurance plans, and health care business associates. He serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the 2011 WEDI Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at AHIMA national and regional conventions and WEDI national conferences, and before regional HFMA chapter meetings and state hospital associations.

Sheldon-Dean has nearly 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Follow us :