HIPAA Security Fundamentals

Product Id IQW15C6269
Level Basic
Duration 60 Mins
  • Description
  • Why should you attend
  • Areas covered
  • Who will benefit
  • Speaker

Come learn about the HIPAA Security Rule and learn the basics of what you need to do to become compliant. The webinar will break down the Security Rule in an easy way to understand what should already be in place or needs remediation within your organization. A review will be performed on of the details of the administrative, physical, and technical safeguards needed to protect your organization. In addition, the Omnibus Rule and the Breach Notification rule will be discussed. With the amount of information out on the Internet we will look at additional resources that are available to help you with your HIPAA Security Rule compliance efforts.

Do you need to know more about the HIPAA Security Rule? Is your organization even compliant? Do you have the correct policies and procedures in place? When did you have a risk assessment last and was it actually a true assessment? What would you do if you had a disaster and when was the last time you tested your contingency plan? These are just some of the questions you should already understand and have answers.
The HIPAA Security Rule created national standards and safeguards to protect individuals’ personal health information that is created, used, maintained, or used for treatment, payments, and healthcare operations. These safeguards must be implemented to protect the confidentiality, integrity, and availability of ePHI that is created, received, maintained, or transmitted. Unlike other regulations, the Security Rule does not specify how the safeguards are implemented but what is required to protect ePHI.
 
• Overview of Security – Confidentiality, Integrity, Availability
• Importance of Security
• Rules of the Security Rule
• HIPAA Security Rule Safeguards
• Administrative Safeguards
o  Security Management Process
o  Assigned Security Responsibility
o  Workforce Security
o  Information Access Management
o  Security Awareness and Training
o  Security Incident Procedures
o  Contingency Plan
o  Evaluation
o  Business Associate Contracts and Other Arrangements
• Physical Safeguards
o  Facility Access and Control
o  Workstation Use
o  Workstation Security
o  Device and Media Controls
• Technical Safeguards
o  Access Controls
o  Audit Controls
o  Integrity Controls
o  Person or Entity Authentication
o  Transmissions Security
o  Organizational Requirements
o  Business Associate Contracts & Other Arrangements
o  Requirements for Group Health Plans
• Policies, Procedures and Documentation Requirements
• Omnibus Rule
• Breach Notification Rule
  • Providers
  • Health Care Professionals
  • Future Compliance Officers
  • IT Professionals
  • Business Associates that work with providers and/or hospitals.

Currently, Brian Freedman is the Chief Information Security Officer for TiffaSec Security Consulting. Mr. Freedman has earned his Masters of Science in Information Systems and has over 20 years working in IT and Information Assurance. Mr. Freedman leverages deep project management and technical experience to lead key elements to several Health-Information Technology (IT), Privacy and Security initiatives.

Mr. Freedman has hands-on experience with both the public and private sector healthcare networks and systems: He has worked at one of South Carolina’s largest independent physicians practice, as its CIO and Information Technology Director. In his role as CIO, he was responsible for the oversight of all operational and technology functions for 33 Primary Care Physician offices and Specialist clinics. He served as the HIPAA Compliance Officer and managed a team of IT specialists in support of electronic medical records and practice management systems. He drafted and/or rewrote all related policies and procedures for the HIPAA final rule, and designed and delivered a HIPAA training program to more than 650 employees. Mr. Freedman also created and implemented an annual risk management / analysis program to focus on both HIPAA and Meaningful Use compliance. The risk management program developed by Mr. Freedman has provided the practice with a continuous risk management program.

He has co-authored a book on PCI Compliance and is the Technical Editor of a handbook on IT Regulatory and Standards Compliance. In addition, Mr. Freedman is an Adjunct Instructor for the Department of Network Systems Management at a local Technical College where he teaches classes in Information Systems, Networking, Information Assurance, and Regulatory Compliance (HIPAA and PCI). He holds some of the leading industry certifications from Microsoft and Cisco. He is also a CISSP, CISA, PMP, and is a Certified HIPAA Compliance Officer (CHCO).

 

 

For Bulk bookings & other queries, contact: