Why and How? – HIPAA Risk Analysis - Risk Management Explained Step-by-Step

Duration 60 Mins
Level Basic & Intermediate & Advanced
Webinar ID IQW15C6144

This webinar for HIPAA Covered Entities and Business Associates will explain:

1. What a complete HIPAA Risk Analysis – Risk Management program is and how to do one.

2. How to automate, simplify, document and complete your HIPAA Risk Analysis – Risk Management by an interactive, intuitive process:

A. To identify and analyze Risks to all Protected Health Information (PHI) – not just Electronic Protected Health Information (EPHI);

B. Manage Identified Risks; and

C. Implement your specific, customized Risk Management Plan.

3. Archive your Risk Analysis – Risk Management compliance for ready reference and inspection by OCR.

Craft your next HIPAA Risk Analysis – Risk Management from the data entered in archive – modify and supplement with no need to start from scratch. 

Overview of the webinar

This program will explain, clarify and demonstrate how to do a Risk Analysis in 6 complete steps:
  • Location
  • Implementation Specifications
  • Threats and Vulnerabilities
  • Risks
  • Action Steps
  • Documentation
This lesson is designed to enable your Organization to perform a complete Risk Analysis of all PHI it creates, receives, maintains or transmits in any format. You will understand and identify threats, vulnerabilities and risks to your organization's PHI wherever it is located. 

Who should attend?

  • Health Care Practice and Business Associate Owners
  • Compliance Official
  • Chief Executive Officer
  • Chief Operating Officer
  • Chief Compliance Officer
  • Chief Information Officer
  • Chief Information Security Officer 
  • Risk Management Director
  • HIPAA Compliance Official
  • HIPAA Privacy Officer
  • HIPAA Security Officer
  • Information Technology Supervisor
  • General Counsel – Associate General Counsel
  • Attorney
  • Certified Public Accountant

Why should you attend?

The Office for Civil Rights (OCR), the HIPAA enforcement arm of the U. S. Department of Health and Human Services (HHS) has recently announced   alarming results of the Phase 2 Covered Entity HIPAA Compliance Audits. 94% failed the Risk Management Audit and 87% failed the Risk Analysis Audit! Every audited Covered Entity knew well in advance that it was on the short list to be audited, had completed pre-audit questionnaires and knew the exact questions it would be asked and documentation to be provided (audit protocols). Attend this session to learn how the Acts of HIPAA Risk Analysis – Risk Management, step-by-step, with the steps demonstrated and explained clearly in plain language. HIPAA Risk Analysis – Risk Management is the basis of your HIPAA Compliance Program. OCR rightly considers the most serious, most widespread HIPAA deficiency for Covered Entities and Business Associates – surpassing all others – is an organization's failure to perform a HIPAA Risk Analysis and implement a Risk Management program to address its Risks. The HIPAA Rules do not say how to do HIPAA Risk Analysis – Risk Management. OCR's limited 9 page guidance document refers organizations to technical procedures in manuals created by the National Institute of Standards and Technology (NIST) Computer Security Division and geared to "the computer security community". Several Federal "Security Risk Assessment Tools" are available, incomplete, cumbersome and have an explicit disclaimer – use of the tool does not guarantee compliance with federal, state or local laws. However, Federal Risk Analysis – Risk Management procedures are easy to follow, step-by-step, when you know the steps. This webinar explains and demonstrates those steps. 

Faculty - Mr.Paul R. Hales

Paul R. Hales, J.D. is widely recognized for his ability to explain the HIPAA Rules clearly in plain language. Paul is an attorney licensed to practice before the Supreme Court of the United States and a graduate of Columbia University Law School with an international practice in HIPAA privacy and security. He is the author of all content in The HIPAA E-Tool®, an Internet-based, complete HIPAA compliance solution with separate editions for Covered Entities, Business Associates, Health Plans and Third Party Administrators.


Refund / Cancellation policy
For group or any booking support, contact: