Overview:The primary goal of this session is to demonstrate why the health care organization needs to perform a risk assessment and how to perform the risk assessment. This includes a description of the types of breaches of protected health information that have already occurred and the reasons those breaches happened. The presentation then provides that reasons that a risk assessment is required in a health care organization and who needs to perform the assessment.
There are a number of approaches available both for purchase on the web and performed by professionals on site. This discussion helps the participant determine which approach is best for their health care organization and what portions of the assessment are most important to the organization.
The topic addresses the key components of a risk assessment and how to perform the risk assessment. This includes how to define the specific risks, how to know, how to assess the likelihood and impact of the risk and the final determination on the level of severity of the risk for the organization.
Finally, the session explains how to interpret the results of the risk assessment, how to use the results of the risk assessment for preparing the health care organization's policies and procedures and how to conduct the HIPAA training for its staff.
Why should you attend: In addition to the negative publicity and potential fines, a breach of a patient's health information often leads to litigation which is also time consuming and costly. The way to avoid these situations is to perform a Risk Assessment to understand where the health care organization is risk of an unauthorized breach and provide a basis for becoming HIPAA compliant.
There are three reasons why a Risk Assessment is necessary: