MedTech I.Q.

The Cutting Edge of Medical Technology Content, Community & Collaboration

Lessons from Anthem and the OCR Audits - Risk Analysis Explained Step by Step

Event Details

Lessons from Anthem and the OCR Audits - Risk Analysis Explained Step by Step

Time: January 14, 2019 from 10am to 11:30am
Location: Online
Street: Online
City/Town: Fremont
Website or Map:…
Phone: 800-385-1607
Event Type: webinar
Organized By: Netzealous LLC - MentorHealth
Latest Activity: Nov 21, 2018

Export to Outlook or iCal (.ics)

Event Description


The top takeaway from the $16 million Anthem settlement is that Risk Analysis and Risk Management are central to HIPAA compliance. Failure to complete a thorough annual Risk Analysis and follow the resulting Risk Management Plan could be fatal to your business.

Recent HIPAA audits by OCR also underscore the need to conduct a proper Risk Analysis. Unfortunately, HIPAA Rules do not explain how to do it. OCR's limited 9-page guidance document refers organizations to technical procedures in manuals created by the National Institute of Standards and Technology (NIST) Computer Security.

Division and geared to "the computer security community". Several Federal "Security Risk Assessment Tools" are available but are incomplete, cumbersome and have an explicit disclaimer - use of the tool does not guarantee compliance with federal, state or local laws.

Attend this session to learn the three components of HIPAA Risk Analysis - Risk Management, step-by-step, with the steps demonstrated and explained clearly in plain language. HIPAA Risk Analysis - Risk Management is the basis of your HIPAA Compliance Program. Federal HIPAA Risk Analysis - Risk Management procedures are easy to follow, step-by-step, when you know the steps. This webinar explains and demonstrates those steps.

Why should you Attend: Risk Analysis - Risk Management is HIPAA Enforcement Priority #1. The Office for Civil Rights (OCR), the HIPAA enforcement arm of the U. S. Department of Health and Human Services (HHS) considers the most serious, most widespread HIPAA deficiency for Covered Entities and Business Associates - surpassing all others - is an organization's failure to perform a HIPAA Risk Analysis and implement a Risk Management program to address its Risks.

OCR recently announced alarming results of the Phase 2 Covered Entity HIPAA Compliance Audits:

87% of Covered Entities and 83% of Business Associates failed the Risk Analysis Audit!
94% of Covered Entities and 87% of Business Associates failed the Risk Management Audit!

Every audited organization knew well in advance that it was on the short list to be audited, had completed pre-audit questionnaires and knew the exact questions it would be asked and documentation to be provided (audit protocols). Even though they had advance warning most of them failed.

Comment Wall


RSVP for Lessons from Anthem and the OCR Audits - Risk Analysis Explained Step by Step to add comments!

Join MedTech I.Q.

Attending (1)

© 2021   Created by CC-Conrad Clyburn-MedForeSight.   Powered by

Badges  |  Report an Issue  |  Terms of Service