MedTech I.Q.

The Cutting Edge of Medical Technology Content, Community & Collaboration

Performing your Annual HIPAA Security Risk Assessment

Event Details

Performing your Annual HIPAA Security Risk Assessment

Time: February 1, 2019 from 10am to 11am
Location: Online
Street: Online
City/Town: Online
Website or Map: http://bit.ly/2VDImEf
Phone: (510) 962-8903
Event Type: webinar
Organized By: Traininng.com LLC
Latest Activity: Jan 9

Export to Outlook or iCal (.ics)

Event Description

Overview

In September of 2017, OCR shared preliminary results of their Phase 2, nation-wide, HIPAA Audits.

As it relates to HIPAA Security Risk Analysis and Management the results were pretty shocking.

OCR reported that 83% of those they audited had a score of "inadequate" or "failure" on their performance of an information security risk analysis while 94% had a score of "inadequate" or "failure" on their efforts of establishing or maintaining an information security risk management plan.

A couple months ago the OCR announced their $3.5 million settlement with Fresenius Medical Care North America (FMCNA). The main reason cited by the OCR was that Fresenius "failed to heed HIPAA’s risk analysis and risk management rules." OCR Director Roger Severino had some very clear and strong words about the importance of performing a HIPAA Security Risk Analysis.

He said, "The number of breaches, involving a variety of locations and vulnerabilities, highlights why there is no substitute for an enterprise-wide risk analysis for a covered entity. Covered entities must take a thorough look at their internal policies and procedures to ensure they are protecting their patients' health information in accordance with the law."

Why should you Attend

HIPAA enforcement is on the rise. The primary enforcement body is the U.S. Health and Human Services (HHS) Office for Civil Rights (OCR). 

They've warned that the most common HIPAA compliance error they consistently see is failure to perform an adequate HIPAA Security Risk Analysis. If health care organizations participated in Meaningful Use or MACRA (The Medicare Access and CHIP Reauthorization Act of 2015) then they are required to annually certify to performing a HIPAA Security Risk Analysis. 

Even if an organization did not participate in these programs, if they are required to comply with HIPAA then they need to perform this analysis periodically.

Areas Covered in the Session

  • Recent enforcement and fines resulting from HIPAA Security Risk Analysis failures
  • Outlook of future enforcement
  • HIPAA Security Risk Analysis requirements
  • How to perform a HIPAA Security Risk Analysis
  • Remediating findings from the risk analysis

Who Will Benefit

  • Any Healthcare Organization that is required to follow HIPAA
  • Physician Practices Participating in MACRA
  • Hospitals and Organizations that Accepted Government Financial Incentives to Implement Electronic Health Records
  • Compliance Officer
  • HIPAA Privacy and Security Officers

Comment Wall

Comment

RSVP for Performing your Annual HIPAA Security Risk Assessment to add comments!

Join MedTech I.Q.

Attending (1)

© 2019   Created by CC-Conrad Clyburn-MedForeSight.   Powered by

Badges  |  Report an Issue  |  Terms of Service