The centrality of Risk Analysis to HIPAA


Carrying out audits is among the most important requirements for any organization that handles Protected Health Information (PHI). HIPAA hosting providers, who implement safeguards in the manner specified in the HIPAA Privacy Rule, must be included in these audits. The indispensability of audits to achieving HIPAA compliance has been iterated by the Department of Health and Human Services (HHS). This makes audits a sine qua non for HIPAA Risk Analysis. Considering that the HHS has found that more than three fourths of the healthcare providers fail to carry out the HIPAA Risk Analysis; both government enforcement and private lawsuits can be expected to rise. The number of HIPAA violations in 2015 was so steep that it gave the year the unflattering title of “The Year of the Breach”. The need for a complete understanding of HIPAA Risk Analysis is acute This is not the happiest of situations to be in. Healthcare organizations need to learn the ways of carrying out audits. They surely need to understand the method or procedure for carrying out a HIPAA Risk Analysis. A Covered Entity or Business Associate need to know what to audit and how, since these are the entities that the HHS requires to carry out HIPAA Risk Analysis, as they create, receive, maintain or transmit Protected Health Information (PHI). Proper understanding of getting HIPAA risk analysis right The ways of getting Risk Analysis right will be the content of a webinar that MentorHealth, a leading provider of professional trainings for the healthcare industry, is organizing. Paul Hales, an attorney at law in St. Louis, Missouri, whose practice includes specialization in the HIPAA Privacy and Security Rules from the dates they became effective, will be the speaker at this webinar. Eager to understand how to know the ways of conducting audits in order to avoid enforcement actions from the HHS? Then, you need to attend this webinar; since Paul brings rich experience into HIPAA Risk Analysis and will help you put these lessons into practice. Please register for this webinar .This Course is approved for 1.5 general credits from the Nevada Board of Continuing Legal Education. Components of the HIPAA Risk Analysis that are mandatory In its Security Standards Guide, the HHS has stipulated nine components as being mandatory for a HIPAA Risk Analysis. These are the nine: o All that is covered in the Risk Analysis o Information about where the PHI is stored o Identifying possible threats and vulnerabilities and documenting them o An assessment of the security measures put in place till then o Assaying the chance of a threat o Understanding and defining the possible impact of the threat o And understanding the risk level o Proper documentation o Periodic reviewing and update of the Risk Analysis The specific aim of this webinar is to protect participating organizations from enforcement actions. Paul proposes doing this by offering a clear explanation and clarification of HIPAA Risk Analysis. He will explain the six steps for HIPAA Risk Analysis. These are: o Location o Implementation Specifications o Threats and Vulnerabilities o Risks o Action Steps o Documentation Paul will explain, clarify, and demonstrate the ways of carrying out a HIPAA Risk Analysis in these six complete steps. HIPAA Compliance Officials, those in Marketing, such as Patient Relations Manager, Health Care Practice Managers, Compliance Risk Managers, and Information Systems Managers and legal counsel to perform a full HIPAA Risk Analysis of the PHI created, received, maintained or transmitted in any format will gain immense insights by attending this webinar. In offering them the insights they need for identifying and mitigating threats, vulnerabilities and risks to their PHI, no matter where it is located; Paul will cover the following areas at this session: o HIPAA Risk Analysis Explained In a Clear Concise Step-by-Step Process o Creating Your HIPAA Compliance Program Directly From Your HIPAA Risk Analysis.

Date Posted: 25 Jul 2017