Performing an Effective Risk Assessment of Potential Breaches

Instructor: Frank Ruelas
Product ID: 704682
  • Duration: 60 Min
Purchase option for this webinar is currently unavailable. Please contact our Customer Care for more info.

Customer Care

Fax: +1-650-963-2556


Read Frequently Asked Questions

The Health Insurance Portability and Accountability Act (HIPAA) rules and regulations clearly state that an impermissible use or disclosure is presumed to be a breach. Therefore, any such incident triggers the required notifications. However, if an organization performs a risk assessment and shows why the incident is not a breach, the required notifications would no longer apply. This training program will focus on how to perform an effective risk assessment that can not only reduce the administrative burden of dealing with presumed breaches, but also help an organization meet other criteria such as those that exist in the Office for Civil Rights HIPAA audit protocol.

Why Should You Attend:

The HIPAA rules and regulations require that organizations safeguard protected health information (PHI) through the use of physical, administrative, and technical safeguards. When these safeguards fail, either through intentional or unintentional acts, an impermissible use or disclosure occurs. These are presumed to be breaches under the HIPAA rules. Also described in the rules is the option that an organization may conduct a risk assessment to show how the impermissible use or disclosure is not a breach. If the incident is determined not to be a breach, then the organization need not complete any required notifications. In addition, the Office for Civil Rights (OCR) is planning to restart is audit program. As part of the audit protocol is an element related to an organization’s efforts to assess incidents for possible breaches. This session will also promote compliance with this particular element of the protocol.

Areas Covered in the Webinar:

  • History and application of the HIPAA rules as they pertain to breaches
  • Current challenges in effectively conducting a credible risk assessment
  • Ways to apply the definition of a breach, to include the exceptions of a breach as described in the HIPAA rules and regulations
  • A method called or referred to as “LoProCo” to assist organizations in how to organize and conduct a risk assessment

Who Will Benefit:

All organizations that must comply with the HIPAA regulations. This includes health care providers, health plans, clearinghouses, and business associates.

  • HIPAA privacy officers
  • HIPAA security officers
  • Compliance officers
  • Risk managers

Instructor Profile:

Frank Ruelas has been involved in healthcare compliance and HIPAA compliance for over ten years. His experience encompasses the design, implementation, and management of all aspects of the seven elements which comprise an effective compliance program as described by the Office of Inspector General and the Centers for Medicare and Medicaid in their respective guidance to the healthcare community.

Mr. Ruelas has worked with organizations of all sizes and within all phases of the development of compliance program. He is an experienced presenter and educator to compliance professionals and is well known for his unique and practical approach towards compliance. He is also known for coining the term “LoProCo” as it applies to the breach assessment process and introducing one of the earliest models in how to perform a credible breach assessment.

Follow us :
ComplianceOnline Banking Summit 2016 | Risk Management and Data Security - 80390SEM
21 CFR Part 11 Compliance for SaaS/Cloud Applications - 80202SEM

Product Reviews

This product hasn't received any reviews yet. Be the first to review this product! Write review

Best Sellers
You Recently Viewed