BEGIN:VCALENDAR PRODID:NingEventWidget-v1 VERSION:2.0 METHOD:PUBLISH BEGIN:VTIMEZONE TZID:America/New_York X-LIC-LOCATION:America/New_York BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:19700308T020000 RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:19701101T020000 RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU END:STANDARD END:VTIMEZONE BEGIN:VEVENT UID:2140535:Event:82003 DTSTAMP:20260525T235607Z SUMMARY:Performing your Annual HIPAA Security Risk Assessment DESCRIPTION:Overview\n\nIn September of 2017, OCR shared preliminary r esults of their Phase 2, nation-wide, HIPAA Audits.\nAs it relates to HIPAA Security Risk Analysis and Management the results were pretty sh ocking.\nOCR reported that 83% of those they audited had a score of \" inadequate\" or \"failure\" on their performance of an information sec urity risk analysis while 94% had a score of \"inadequate\" or \"failu re\" on their efforts of establishing or maintaining an information se curity risk management plan.\nA couple months ago the OCR announced th eir $3.5 million settlement with Fresenius Medical Care North America (FMCNA). The main reason cited by the OCR was that Fresenius \"failed to heed HIPAA’s risk analysis and risk management rules.\" OCR Direc tor Roger Severino had some very clear and strong words about the impo rtance of performing a HIPAA Security Risk Analysis.\nHe said, \"The n umber of breaches, involving a variety of locations and vulnerabilitie s, highlights why there is no substitute for an enterprise-wide risk a nalysis for a covered entity. Covered entities must take a thorough lo ok at their internal policies and procedures to ensure they are protec ting their patients' health information in accordance with the law.\"\ n\nWhy should you Attend\n\nHIPAA enforcement is on the rise. The prim ary enforcement body is the U.S. Health and Human Services (HHS) Offic e for Civil Rights (OCR). \nThey've warned that the most common HIPAA compliance error they consistently see is failure to perform an adequ ate HIPAA Security Risk Analysis. If health care organizations partici pated in Meaningful Use or MACRA (The Medicare Access and CHIP Reautho rization Act of 2015) then they are required to annually certify to pe rforming a HIPAA Security Risk Analysis. \nEven if an organization di d not participate in these programs, if they are required to comply wi th HIPAA then they need to perform this analysis periodically.\n\nArea s Covered in the Session\n\n\nRecent enforcement and fines resulting f rom HIPAA Security Risk Analysis failures\nOutlook of future enforceme nt\nHIPAA Security Risk Analysis requirements\nHow to perform a HIPAA Security Risk Analysis\nRemediating findings from the risk analysis\n\ n\nWho Will Benefit\n\n\nAny Healthcare Organization that is required to follow HIPAA\nPhysician Practices Participating in MACRA\nHospitals and Organizations that Accepted Government Financial Incentives to Im plement Electronic Health Records\nCompliance Officer\nHIPAA Privacy a nd Security Officers\n\n\nFor more information visit https://medtechiq .ning.com/events/performing-your-annual-hipaa-security-risk-assessment DTSTART;TZID=America/New_York:20190201T100000 DTEND;TZID=America/New_York:20190201T110000 CATEGORIES:webinar LOCATION:Online WEBSITE:http://bit.ly/2VDImEf URL:http://bit.ly/2VDImEf CONTACT:(510) 962-8903 ORGANIZER:Traininng.com LLC ATTACH;FMTTYPE="image/jpeg":https://storage.ning.com/topology/rest/1.0 /file/get/702398026?profile=original ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=ACCEPTED;RSVP=TRUE;CN="Joseph W ilcox":https://medtechiq.ning.com/profile/JosephWilcox END:VEVENT END:VCALENDAR