HIPAA Security and Privacy Risk Analysis and OCR Audits | September 23, 2015 10:00 AM - September 23, 2015 1:00 PM | Automation.com

HIPAA Security and Privacy Risk Analysis and OCR Audits

Event Summary

September 23, 2015
Fremont, CA 94536
United States
September 23, 2015 10:00 AM
September 23, 2015 1:00 PM
Online Compliance Panel
[email protected]
Click here to Visit


HIPAA Security and Privacy Risk Analysis and OCR Audits

Instructor: Kelly McLendon, RHIA, CHPS
Product ID: 50100

HIPAA and the Meaningful Use incentive program requires security and privacy risk analysis be performed on a routine basis and recommends they be made a part of a 'Culture of Compliance' which defines the organization's compliance program. Both the Security Risk Analysis (SRA) and Privacy Risk Analysis (PRA) are detailed and complex undertakings.

HIPAA has undergone rule changes and increased enforcement and other parties are also upping the ante on enforcement and therefore increasing the liability to providers of care, other Covered Entities (CE), Business Associates (BA) and Subcontractors. HIPAA Compliance Programs face a fundamental challenge in assessing and ensuring that they are meeting both the security as well as the privacy rules. Participation in the ONC - CMS Meaningful Use Program requires a HIPAA Security Risk Analysis each year of the program and the HIPAA rules them elves de facto mandate the performance of audits, assessment or analysis of your organization in relation to the rules.

Areas Covered
Increasing risks for Privacy and Security Non-Compliance
OCR Audits
Requirements for HIPAA Risk Analysis
Security Risk Analysis
Privacy Risk Analysis
Risk Analysis Methodology
Actions to reduce liabilities & risks

Why Should you Attend
HIPAA and other forms of privacy and security investigations, enforcement and audits are at an all-time high. Being proactive with privacy and security compliance, especially in the areas of Security and Privacy Risk Analysis will reduce risks of penalties, lawsuits and other unwanted effects from violations. This presentation offers strategies and information that will assist any organization in planning and performing Security and Privacy Risk Analysis.

It is recognized within the industry that OCR should be issuing new audit program rules at any point in the near future. But we have been awaiting these rules for over a year. This presentation will address the new rules if they are issued prior to the session, if not there are plenty of other preparatory steps any covered entity (CE) or business associate (BA) can take which will be addressed within the presentation.

Objectives of the Presentation
Attendees will be explained the differences and relationships between security And Privacy Risk Analysis and the OCR Audit program
Understanding the OCR 2012 and 2015 Audit programs. 2012 has been completely analyzed, the 2015 program, at this point is still awaiting final release. Preliminary information is available and will be shared with the attendees
The increasing environment of enforcement and penalties, including CMS taking back Meaningful Use funds for missing or improper Security Risk Analysis
Key elements of a Privacy and Security Risk Analysis
Tools commonly found for Privacy and Security Risk Analysis
Differences between physician practice and hospital Privacy and Security Risk Analysis

Who can Benefit
Privacy Officer
Security Officer
Office Manager
Practice Manager
HIM Director
Compliance Officer
Privacy Staff
Security Staff
CIO, IT Director
IT Manager, IT staff
Foundation Manager
All other healthcare parties that need to be updated on HIPAA, privacy and security
Anyone performing security and/or privacy risk analysis, assessment or audits

For Registration -

Note : Use coupon code 1371 and get 10% off on Registration