MedTech I.Q.

The Cutting Edge of Medical Technology Content, Community & Collaboration

Risk analysis is the soul of HIPAA implementation

The criticality of risk analysis to HIPAA implementation can be understood from the fact that inability to carry out this activity is the principal reason for which The United States Department of Health and Human Services (DHHS or just HHS) levies civil money penalties on Business Associates and Covered Entities.

This means that Covered Entities and Business Associates need to understand ways of drafting, adopting and implementing HIPAA compliance policies, of which risk analysis is at the core. Many entities get this wrong, because of which they end up having hefty penalties slapped. A recent example that comes to mind is the Massachusetts General Hospital was levied a hefty $1 million for causing a Protected Health Information (PHI) breach that involved having allowed medical information to be left on a subway.

The main reason for this kind of breach is that the healthcare organization’s inability to foresee the ways by which PHI could be leaked. This can be prevented by carrying out a proper risk analysis. This being the nature of the importance of risk analysis to HIPAA; it is absolutely necessary for organizations that are mandated by HIPAA to carry out risk analysis, to get this right.

The intricacies of drafting a risk analysis need to be learnt

This will be the topic of a webinar being organized by MentorHealth, a renowned provider of professional trainings for the healthcare industry. At this webinar, for which healthcare professionals can enroll by visiting http://www.mentorhealth.com/control/w_product/~product_id=800835LIVE/, the speaker, Alice McCart will explain what it takes to carry out a thorough risk analysis by deciding on how to do one, how to use gap analysis, and what policies the organization needs, including required, addressable, and other policies. She will then teach participants the ways of writing a policy, which involves three steps, namely researching, drafting, and revising. 

Participants who attend this webinar will be able to learn:

  • Ways of asking the right questions regarding risk analysis
  • Taking help from the right sources
  • Collecting samples
  • Retaining the principles of substance, organization, coherence, style, and correctness when drafting
  • Sending out the draft for review to the right people
  • Incorporating comments
  • Implementing the policy

The speaker will offer an easy way of making a checklist and take the risk analysis process step by step, which will ease the burden of having to develop and write something like 70 policies to attain HIPAA compliance.

Contact Information:

http://www.mentorhealth.com/

+1-800-385-1607

 

Views: 48

Comment

You need to be a member of MedTech I.Q. to add comments!

Join MedTech I.Q.

MedTechIQ VideoLibrary

  • Add Videos
  • View All

Upcoming Events

© 2024   Created by CC-Conrad Clyburn-MedForeSight.   Powered by

Badges  |  Report an Issue  |  Terms of Service

Sign in to chat!