URGENT PANDEMIC INFORMATION
COVID CANCELLED: Project Management in Human Resources, Boston MA, Jan 6-8, 2021
COVID CANCELLED: InterDrone, The International Drone Conference, Cambridge MA, Jan 11-13, 2021
COVID CANCELLED: Supplier Management for Medical Device Manufacturers, Cambridge MA, Feb 2-4, 2021
COVID CANCELLED: US Immigration Compliance Strategies, Boston MA, Feb 15-18, 2021
COVID CANCELLED: Project Management Training, Boston MA, Mar 3-5, 2021
COVID CANCELLED: Internal Audit, Fraud Risk Assessment Workshop, Boston MA, Mar 22-25, 2021
COVID CANCELLED: Agile / Scrum Training, Boston MA, Apr 12-14, 2021
COVID CANCELLED: Validation, Verification and Transfer of Analytical Methods, Boston MA, Apr 19-21, 2021
COVID CANCELLED: Computer System Validation - Reduce Costs and Avoid 483s, Boston MA, May 10-12, 2021
COVID CANCELLED: SharePoint Technology Conference, Boston MA, May 26-28, 2021
COVID CANCELLED: Employment Laws Certificate Program, Boston MA, Jun 7-9, 2021
Following events are tentatively planned but may be rescheduled, based on CDC guidelines or attendee registration interest .
TENTATIVE: 21 CFR Part 11 Compliance, Boston MA, Sep 22-24, 2021
TENTATIVE: Quality Control Laboratory Compliance, Boston MA, Oct 6-8, 2021
TENTATIVE: Analytical Instrument Qualification and System Validation, Boston MA, Nov 15-17, 2021
TENTATIVE: FDA's New Import Program for 2021, Boston MA, Dec 7-9, 2021
Boston Professional Events List
60 Minutes Live Webinar HIPAA Security Rule Priorities
Link to Website
At the conclusion of the session, participants will be able to:
Know what are some of the usual risks that must be addressed for HIPAA compliance and how to approach them, including those such as insecure communications of PHI, preparing to deal with Ransomware, and controlling and reviewing staff access of PHI.
Understand what a HIPAA Security risk analysis is, how you can conduct one, and what you can learn from it.
Learn the essential policies and procedures that must be in place for HIPAA Security Rule compliance, and the necessity of documentation of their application.
Understand how to consider new information security risks and what can cause them.
Understand the difference between policies and procedures, and what belongs in each.
Learn the importance of comparing your policies and procedures to your actual practices and making the necessary adjustments to synchronize them.
Who Will Benefit
- Compliance director
Information Systems Manager
Chief Information Officer
Health Information Manager
Today’s information security landscape in healthcare is full of hazards and threats, and preparing to deal with them requires an understanding of the key issues being faced, so that scarce resources can be most appropriately applied to reduce risks. Things like communications, Ransomware, and your own staff can be sources of issues that must be understood and addressed.
HIPAA has been a law for more than twenty years now, and the rules in place call for extensive policies and procedures to ensure compliance with the HIPAA Security Rule. But not all entities have done the work necessary to conduct an accurate and thorough assessment of the risks to the security of Protected Health Information (PHI), and develop and implement their security policies and procedures. Even if they have all the best practices in place, entities must have the supporting policies and procedures to ensure consistency in service and compliance with the law, and they need to be aware of the risks they face and be ready to respond to changes in the risk landscape.
This session will focus on the challenges of HIPAA Security Rule compliance, including the conduct of an information security risk analysis and development of risk management planning, as required under the HIPAA Security Rule, and development and implementation of the necessary policies and procedures for HIPAA Security Rule compliance. Suggested ways a risk analysis may be conducted, and the tools that may be used, will be explored. The necessity for undertaking an information flow analysis to find risks will be explained. Identified risks must be managed, and the means to do so using a set of spreadsheets in a workbook will be described.
The requirements to have policies and procedures will be identified, and the topics that should be covered for each of the rules will be enumerated. Typical policy contents will be identified, with an emphasis on the need to customize and right-size polices for each organization. In addition, we will discuss Privacy Rule topics relating to the management of your HIPAA compliance, such as documentation and training.
The HIPAA Security Rule has some basic requirements for risk analysis and risk management, but also includes numerous physical, technical, and administrative safeguards that must be addressed in policy and procedure. Tackling these requirements individually can result in dozens of new policies; we will explore how to simplify your policies and procedures by combining them where it makes sense to, putting similar requirements and activities together, and making it easier for managers and staff to find and use the right policies and procedures.
And even HIPAA Business Associates must be addressed, both in your policies and in theirs. HIPAA BAs are required to conduct their own risk analyses and have their own sets of security policies and procedures. Hiring entities need to know what’s appropriate and what to ask about for evidence of good practices in information security by their Business Associates.
The session will discuss the requirements and the issues involved with HIPAA security risk analysis, policies, and procedures, and help define the path entities can follow to bring their compliance up to the level at which it should be today.
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.
(Contact us : 844-267-7299 | 954-947-5671
Don't wait. Register TODAY or Email US [email protected]
VIP Life Time Subscription to our Newsletters!