Overview:

This course delivers a structured framework for performing a comprehensive HIPAA Risk Assessment, following the exact methodology employed by federal auditors and aligned with the standards established by the National Institute of Standards and Technology (NIST).

Participants will be guided through the critical components of the federal audit process and will also gain insight into emerging legal threats, including the growing trend of patients initiating lawsuits for the wrongful disclosure of their protected health information.

Why you should Attend:

• Have you performed a formal HIPAA Risk Assessment for your organization?

• Are you aware that this assessment is the primary document requested by regulators at the onset of an audit?

• Can you confirm that your current risk management approach meets federal standards?

• Do you possess customized, written policies for every implementation specification within the HIPAA Security Rule—including those deemed "addressable"? Understanding this requirement is fundamental to compliance.

This session will provide a point-by-point demonstration of how to conduct a thorough and defensible risk assessment, while also highlighting how to identify and avoid ineffective, non-compliant solutions in the marketplace. We will emphasize that this assessment is the cornerstone of any HIPAA compliance program and the first item demanded by the Office for Civil Rights (OCR).

You will receive direct instruction on how to develop and document specific policies and procedures that are directly informed by your risk assessment findings. We will cover how to phrase these documents to satisfy regulatory scrutiny, the critical need for consistency between your policies and daily procedures, and the significant pitfalls of using generic, "cookie-cutter" policy templates that fail to reflect your organization's unique environment.

Areas Covered in the Session:

• Key Regulatory Updates for 2024

• Developing Defensible Policies and Procedures

• Identifying and Mitigating Organizational Risks

• Managing Business Associates and Their Compliance Burdens

• Conducting a NIST-Standards Based Risk Assessment

Who Will Benefit:

• Practice Managers

• Physicians and Other Medical Professionals

• Billing Companies

• Transcription Services

• IT Providers

• Answering Services

• Home Health Agencies

• Medical Coders

• Healthcare Attorneys

• All Business Associates Collaborating with Medical Practices or Hospitals