HIPAA Security Rule Compliance Through Risk Analysis and Policy Documentation

Instructor: Jim Sheldon-Dean
Product ID: 703180
  • Duration: 90 Min

recorded version

1x Person - Unlimited viewing for 6 Months
(For multiple locations contact Customer Care)
Recorded Link and Ref. material will be available in My CO Section

Training CD

One CD is for usage in one location only.
(For multiple locations contact Customer Care)
CD and Ref. material will be shipped within 15 business days

Customer Care

Fax: +1-650-963-2556


Read Frequently Asked Questions

This training on HIPAA compliance will teach the attendees how to examine their security policies, practices, and risk issues to find and fill any gaps in the documentation that is required by the HIPAA rules to show compliance, survive audits, and avoid enforcement action.

Why Should You Attend:

Any organization subject to HIPAA needs to compare its information-handling practices to the requirements of HIPAA in order to identify gaps between current and required practices. HIPAA requires a risk analysis to determine security risks to electronic information and implementation of measures to reduce those risks and vulnerabilities to a reasonable and appropriate level. The meaningful use requirements also require eligible hospitals and eligible professionals to conduct or review a HIPAA Security Rule risk assessment of the certified electronic health record (EHR) technology annually, and implement security updates and correct identified security deficiencies as part of its risk management process. And the policies reviewed, risk analysis performed, and mitigation actions taken must all be documented so that they can withstand the scrutiny of investigators from the US Department of Health and Human Services.

Attend this 90-minute webinar to learn how to properly conduct a policy review and risk analysis. Learn what safeguards need to be in place, what documentation is required, and what follow-through needs to be done. We will examine the pluses and minuses of various available free tools, and in-house versus outsourced reviews.

Areas Covered in the Webinar:

  • What the HIPAA Security Rule requires
  • What Meaningful Use Objective 15 requires
  • What a good risk analysis is and isn’t
  • The policies you should have for security compliance
  • Finding and filling any gaps in your policies and procedures
  • How to do risk assessment and analysis
  • Planning management of your risks
  • Planning your next reviews and your information security management process

Who Will Benefit:

This webinar will provide valuable assistance to any covered entity or business associate including Medical offices, group practices, hospitals, academic medical centers, insurers, law firms, accounting firms, shredding companies, data storage facilities, systems vendors, and billing services. Workforce personnel who should attend include:

  • Compliance director
  • CEO
  • CFO
  • Privacy Officer
  • Security Officer
  • Information Systems Manager
  • HIPAA Officer
  • Chief Information Officer
  • Health Information Manager
  • Healthcare Counsel/lawyer
  • Office Manager
  • Contracts Manager

Instructor Profile:

Jim Sheldon-Dean, is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.

Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Topic Background:

Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures, but also that you ensure you have the right policies, procedures, and documentation, and have performed the appropriate analysis of the risks to the confidentiality, integrity, and availability of electronic Protected Health Information.

HIPAA enforcement is on the increase and random audits of HIPAA compliance have begun. In addition, audits of Meaningful Use attestations are examining compliance with Objective 15, which calls for a HIPAA Security Rule risk analysis. Failures in any of these reviews or audits can lead to significant penalties and fines. Your HIPAA Covered Entity or Business Associate needs to have the right reviews and documentation right now.

Follow us :
ComplianceOnline Banking Summit 2016 | Risk Management and Data Security - 80390SEM
21 CFR Part 11 Compliance for SaaS/Cloud Applications - 80202SEM

Product Reviews

This product hasn't received any reviews yet. Be the first to review this product! Write review

Best Sellers
You Recently Viewed