A risk analysis is a required and critical component of a HIPAA program.
There are specific milestones you must meet and documentation you must perform or your entire program can be considered inadequate. As well,there are required ongoing updates to this program.
Failure to adequately perform and update a risk analysis is most likely the NUMBER ONE reason that fines and penalties are assessed against a physician, group practice or hospital.
Why should you Attend: Have you performed your risk analysis, have you updated it as required by law, do you know the triggers that require an update, are you sure you have performed an adequate analysis do you even know what this is all about????
Do you have a list of your assets (by HIPAA definition of assets), have you documented potential threats, protections in place, a GAP analysis, potential solutions and produced a mitigation plan?
During an investigation it is nearly certain you will be required to produce a copy of your risk analysis how will you do?
Areas Covered in the Session: