Register Now

Reserve your seat

Join us for this complimentary educational webinar and learn the foundations of an OCR-Quality Risk Analysis.
Register Now

This webinar is designed to help covered entities (CEs) and business associates (BAs) understand the critical first step in conducting an OCR-quality risk analysis.

This session is offered as a 75-minute webinar using the Zoom platform. The open format encourages questions during and after the session.

The Challenge

In 90% of OCR’s Resolution Agreements (RAs) / Corrective Action Plans (CAPs) involving electronic Protected Health Information (ePHI), organizations have had adverse findings.  The most commonly cited reason for failed risk analyses is lack of comprehensiveness.  That is, the risk analyses must consider all information assets in all facilities in all lines of business in all locations.  Organizations continue to struggle to identify and inventory all systems, applications, solutions, and devices (e.g., information assets) that create, receive, maintain and transmit e-PHI can be a daunting task.

The Solution

Attend this webinar which takes the mystery out of information assets and delivers an effective process for identifying and inventorying all traditional information assets, biomedical devices, networking and computing assets and other important systems and devices that are part of the Internet of Things (IoT).  OCR’s increasingly more stringent standard of care requires all information assets be risk-analyzed.

Learning Outcomes

This webinar is designed for anyone responsible for protecting sensitive personal information. Business leaders, managers and professionals with responsibility for privacy, security, compliance or risk management should attend.

  • Define the fundamental reason for conducting comprehensive and accurate risk analysis and risk management.
  • Explain to colleagues the overall requirements of the HIPAA Security Rule and the specific requirement to complete a comprehensive and accurate risk analyses.
  • Identify and cite specific cases in which OCR is increasingly emphasizing, in audits, investigations, resolution agreements and corrective action plans, that a comprehensive and accurate risk analysis that includes all systems, applications, solutions, and devices that create, receive, maintain and transmit e-PHI.
  • Explain and use a process for identifying and inventorying all systems, applications, solutions, and devices that create, receive, maintain and transmit e-PHI.
  • Document your information assets including all traditional information assets, biomedical devices, networking and computing assets and other important systems and devices that are part of the Internet of Things (IoT).

Date & Time

December 11, 2017

11 am – 12:15 pm CT

Register Now

Presenter

Bob Chaput
Bob ChaputMA, CISSP, HCISPP, CRISC, CIPP/US | CEO
Register Now

Reserve your seat

Join us for this complimentary educational webinar and learn the foundations of a strong information risk management program.
Register Now