Top Reason for Risk Analysis Failures

August 22, 2018 | 12 pm – 12:45 pm CT

In this webinar, attendees will hear directly from former OCR Deputy Director, Iliana Peters and Cyber Risk Management expert, Bob Chaput.  Both will provide insight into why so many healthcare organizations struggle to meet the HIPAA Security Rule, particularly Risk Analysis requirements.  Additionally, they will explain the specific top reasons why organizations are failing to meet the OCR standard for a comprehensive risk analysis.

Key Messages:

  • OCR audit and enforcement activity shows that 9 of 10 organizations fail to conduct risk analyses that meet OCR and HIPAA requirements; most likely, yours would fail

  • The HIPAA Security Rule calls for three (3) separate and distinct ‘assessments’, including a specific risk analysis, which are commonly confused

  • Understanding the critical difference between the three assessments can mean the difference between a request for voluntary compliance or a multi-million dollar expense

Specific Learning Objectives:

  • Explain the requirements of the HIPAA Security Final Rule for conducting periodic security evaluations

  • Describe the difference between a compliance gap assessment, a risk analysis and technical testing

  • Detail an example of a civil money penalty. Undertake practical, actionable steps to complete the evaluations required by law

Register for webinar 3 of 3

THA & Clearwater Summer Webinar Series Recap:

RECAP: Webinar 1 of 3 | First, Do No Harm! The Impact of Cyber Risks on Patient Safety

June 27  | 12 pm – 12:45 pm CT

With the vision of the eHealth Exchange and digitization of healthcare, we anticipate great advances in patient engagement, health care outcomes and quality of care. At the same time, healthcare’s advancements in assuring privacy and security of sensitive information and biomedical devices through better risk management are not keeping pace. In fact, the promises of digitization carry unintended consequences and concerns about patient safety and new potential forms of medical professional liability. It’s not about HIPAA compliance and it’s not just an “IT problem”.  Attend and learn about critical steps we must all take to identify and mitigate these new, emerging enterprise risks.

Key Messages:

  • Declare It’s Not Just an IT Problem – Make it a Team Sport

  • Make it About Patient Care, Patient Experience and Medical Professional Liability

  • There is a Path Forward – Strategically, Tactically and Operationally

This event has ended, but is available for viewing ON-DEMAND.  

RECAP: Webinar 2 of 3 | Lessons Learned from OCR Enforcements Actions

July 31 |  12-12:45pm

The Office for Civil Rights (OCR) within the Department of Health and Human Services (HHS) vigorously enforces the HIPAA Privacy, Security and Breach Notification rules.  Enforcement may include compliance reviews, voluntary compliance requirements, audits, resolution agreements or formal corrective action plans, accompanied by civil money penalties or negotiated settlement amounts.  This webinar will cover a select number of enforcement case studies and key lessons for handling an OCR enforcement action or an anticipated action in the event of a breach or a complaint.

Key Messages:

  • OCR enforcement activity is not slowing down

  • Any actions you take or don’t take, any information you provide or fail to provide, will be used against you in determining the breadth, depth and outcome of the investigation.

  • When you report a breach and/or OCR initiates an investigation of your organization, it is important to understand this is an adversarial situation with serious potential consequences.

  • It is possible to minimize the scope and impact of an investigation as well as the amount of any penalties.

This event has ended, but is available for viewing ON-DEMAND.  

Dates & Time

August 22, 2018 | 12 pm – 12:45 pm CT

Register for Aug 22 Webinar


Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/USFounder & Executive Chairman, Clearwater Compliance
Iliana Peters, JD, CISSP
Iliana Peters, JD, CISSPShareholder, Polsinelli & Former Acting Deputy Director HHS Office for Civil Rights
Fernando Martinez, Ph.D
Fernando Martinez, Ph.DChief Digital Officer, Texas Hospital Association | President/CEO, Texas Hospital Association Foundation
Jon Moore, MS, JD
Jon Moore, MS, JDChief Risk Offer, Clearwater Compliance
Register for Aug 22 Webinar

Reserve your seat

We know summer can be busy, so all registrants will receive access to the recorded webinars to view at your convenience.
Register for Aug 22 Webinar