How to Conduct a HIPAA HITECH Security Risk Assessment

Webinar Details

Speaker

Brian L. Tuttle

Industry

HIPAA and Compliance Conference

Speciality

HIPAA and Compliance Conference

Available

All Days

Duration

90 Minutes


Registration Options

Choose Your Options

Save $20 - [ HEALTHCPTI ]

Error Conference Exists In Wish-list.

Congrats Conference Added In Wish-list.



Need Corporate Discount ?

Find More Webinars Of : HIPAA and Compliance Conference

  • * For more than 6 attendee call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * For Check and ACH payment call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * Click to download the Order Form

Description

Conducting a HIPAA HITECH security risk assessment involves systematically evaluating potential risks and vulnerabilities to protected health information (PHI). The webinar will begin by assembling a multidisciplinary team with IT, security, compliance, and healthcare operations expertise, defining the assessment's scope, and identifying all systems, processes, and personnel interacting with PHI. Next, assess security measures, including physical safeguards, technical controls, and administrative procedures.

It also utilizes standardized frameworks and the HIPAA Security Rule to guide the assessment process. Identifying potential threats, such as unauthorized access, data breaches, or system failures, and evaluating each threat's likelihood and potential impact. And develop a comprehensive risk management plan that prioritizes mitigation strategies based on the severity and probability of identified risks. Regularly review and update the risk assessment to adapt to evolving threats and changes in technology organizational processes.

Session Highlights

  • The webinar will discuss whether a HIPAA HITECH Security Risk Assessment is the first thing OCR will ask for in an audit.  
  • Understanding whether the risk assessment is adequate and current and whether it covers the bases necessary for specific organizations.
  • Learning how to write HIPAA HITECH Security Policies based on HIPAA HITECH Risk Assessment findings.
  • The speaker will show how to conduct a proper risk assessment point by point.
  • Understanding how to write proper policies and procedures, which are to be based on the risk assessment findings, and how to word the policies to satisfy OCR or a potential client.

Why Should You Attend

Attending a HIPAA HITECH security risk assessment is not just about individual compliance but collective security. Ensuring compliance with regulatory requirements set forth by HIPAA and HITECH contributes to a collective effort to safeguard protected health information (PHI). Moreover, involvement in the assessment allows us to comprehensively understand the organization's security posture, including identifying potential vulnerabilities and threats to PHI. This knowledge empowers attendees to proactively implement security measures and mitigate risks, ultimately reducing the likelihood of data breaches and their associated consequences, such as financial penalties and reputational damage.

Furthermore, attending the assessment fosters collaboration and communication among stakeholders, facilitating a holistic approach to security that considers technical, operational, and regulatory aspects is not just essential; it's a testament to the power of collaboration, promoting a culture of compliance, accountability, and continuous improvement within your organization.

Who Should Attend

  • Attorneys
  • IT companies
  • Private Practice
  • Hospitals & Ambulatory
  • Billing Companies
  • Transcriptions Companies
  • Home Health Groups
  • Health Insurance
  • Practice Managers
  • MDs and other medical professionals.
Brian L. Tuttle
Brian L. Tuttle

( CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP)

Brian L. Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 17 years of experience in Health IT and Compliance Consulting.

With vast experience in health IT systems (i.e., practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 22 years of experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as a compliance consultant. He has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.

In addition, Mr Tuttle has served in multiple litigated court cases as an expert witness, offering input on best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) in defending covered entities and business associates and being asked by the Federal government to audit covered entities and business associates on behalf of the OCR.

Registration Options

Choose Your Options

Save $20 - [ HEALTHCPTI ]

Error Conference Exists In Wish-list.

Congrats Conference Added In Wish-list.


Need Corporate Discount ?


  • * For more than 6 attendee call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * For Check and ACH payment call us at +1-800-803-7592 or mail us at cs@conferencepanel.com
  • * Click to download the Order Form
Brian L. Tuttle
Brian L. Tuttle

( CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP)

Brian L. Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 17 years of experience in Health IT and Compliance Consulting.

With vast experience in health IT systems (i.e., practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 22 years of experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as a compliance consultant. He has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.

In addition, Mr Tuttle has served in multiple litigated court cases as an expert witness, offering input on best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) in defending covered entities and business associates and being asked by the Federal government to audit covered entities and business associates on behalf of the OCR.