HIPAA Security Assessment ToolKit™
         Introduction and Overview


Bob Chaput
615-656-4299 or 800-704-3394
bob.chaput@HIPAASecurityAssessment.com
HITECH Security Advisors, LLC
Disclaimers
1. We are not attorneys! Consult with your own legal
   counsel or advisors.
2. Information about and around HIPAA and HITECH
   continues to evolve.
3. HIPAA and HITECH rules and regulations are subject to
   lots of different interpretations.
4. Every effort has been made to ensure that the
   information presented is correct, but we cannot offer
   such assurances.
5. You should not rely on this information for legal
   purposes, but simply use it as a tool to raise your
   awareness.
Why You Should Care!
  1. “Ensuring adequate privacy and security
     protections for personal health information” is a key
     part of Meaningful Use
  2. HITECH Act has raised the ante for HIPAA Security
     compliance significantly
  3. Compliance is the smart thing to do for your
     business and the right thing to do for your patients
     or your customers’ patients
  4. It’s the law!


Meaningful Use Stage 1 Policy Goals
  It’s about health outcomes improvement
      in the US…
  1. Improving quality, safety, efficiency, and reducing
     health disparities.
  2. Engaging patients and families in their healthcare
  3. Improving care coordination
  4. Improving population and public health
  5. Ensuring adequate privacy and security
     protections for personal health information

The HITECH Act – Major Changes
 From a Privacy and Security perspective, here are five absolute
 “game changers” under HITECH:

    1) Mandatory audits (Subtitle D, Part 1, Section 13411)
    2) HHS non-compliance fines return to HHS’ coffers and
       within a few years (by law) individuals will participate
       in sharing the proceeds
    3) State AGs can now bring civil actions on behalf of their
       citizens
    4) Business Associates are now statutorily obligated
    5) Data Breach Notification requirements


Meet the HHS Data Breach ‘Wall of Shame’

   http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/postedbreaches.html




HIPAA Security-HITECH Compliance Roadmap
  [Roadmap diagram; components shown:]
  •   HIPAA Security Assessment (HSA)
  •   Preliminary Remediation Plan (PRP)
  •   HIPAA Risk Analysis (HRA)
  •   HIPAA Remediation Plan (HRP)
  •   HIPAA Security Strategy (HSS)
  •   HIPAA Security Training (HST)
  •   HIPAA Security Policies (HSP)
  •   HIPAA Compliance Manual (HCM)
  •   HIPAA Security Evaluation (HSE)
  [Callouts on the diagram:]
  •   Focus of HSA ToolKit™
  •   HIPAA Security is NOT a “techie” project
  •   … A journey, not a destination!


Purpose of the HSA ToolKit™
 1. Jump Start Your HIPAA Security
    Compliance Program
 2. Establish A Progress / Benchmark
    Monitor
 3. Quickly Identify “Low Hanging”
    Remediation Items
 4. Develop a Solid Foundation for
    HIPAA Risk Analysis
 5. Build Deep Understanding At The
    Onset
 6. Get out in front of Meaningful Use
    requirements on ePHI security
Contents of the HSA ToolKit™
 1. HIPAA Security Assessment ToolKit™ Contents
     document
 2. How to Use the HIPAA Security Assessment ToolKit™
 3. Comprehensive HIPAA Security Assessment (HSA)
     Excel Tool™, including Instructions, Glossary of
     Terms, included with HSA Excel Tool, Policies
     Checklist, Resources & References
 4. HIPAA Security – HITECH Compliance Roadmap™
 5. Preliminary Remediation Plan Candidate Items template
 6. Data Mountain HIPAA-HITECH Security Rule FAQ
 7. Iron Mountain HIPAA Primer – What You Should Know
     About the New Regulations
 8. 2009 CMS' HIPAA Compliance Review Analysis And
     Summary of Results
 9. Office of Civil Rights (OCR) HIPAA Security Standards:
     Guidance on Risk Analysis
 10. Centers for Medicare & Medicaid Services (CMS)
     Security Standards: Implementation for the Small
     Provider
 11. Complete copy of HIPAA Security Final Rule (45 CFR
     Parts 160, 162, and 164)

Heart of the HSA ToolKit™
Features and Benefits of the HSA ToolKit™
 Feature: Low Price and High Value
   Benefits:
   •   Low Risk
   •   Easily derived immediate remediation steps
   •   Fast Track to HIPAA Security Rule Compliance
   •   Comprehensive tool and resources
 Feature: Short Duration
   Benefits:
   •   Low Impact on Client Staff and Operations
   •   Fast, Immediate Results
 Feature: Development Team
   Benefits:
   •   Proven Quality
   •   Developed by Senior, Experienced Professionals
   •   Health Care Expertise
   •   HIPAA – HITECH Focused
 Feature: Sound Methodology
   Benefits:
   •   Comprehensive, Complete Data Gathering
   •   Based on Proven Best Practices
   •   High-Quality, Credible Outcomes
   •   Process View, No-Fault Appraisal
   •   Baseline for Compliance Program

Contact
             Bob Chaput

   www.HIPAASecurityAssessment.com

bob.chaput@HIPAASecurityAssessment.com


Connect: www.linkedin.com/in/bobchaput

    Follow me: Twitter.com/bobchaput

      HITECH Security Advisors, LLC

 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

HIPAA Security Assessment Intro & Overview

  • 1. HIPAA Security Assessment ToolKit™: Introduction and Overview. Bob Chaput, 615-656-4299 or 800-704-3394, bob.chaput@HIPAASecurityAssessment.com, HITECH Security Advisors, LLC
  • 2. Disclaimers 1. We are not attorneys! Consult with your own legal counsel or advisors. 2. Information about and around HIPAA and HITECH continues to evolve. 3. HIPAA and HITECH rules and regulations are subject to lots of different interpretations. 4. Every effort has been made to ensure that the information presented is correct, but we cannot offer such assurances. 5. You should not rely on this information for legal purposes, but simply use it as a tool to raise your awareness.
  • 3. Why You Should Care! 1. “Ensuring adequate privacy and security protections for personal health information” is a key part of Meaningful Use 2. HITECH Act has raised the ante for HIPAA Security compliance significantly 3. Compliance is the smart thing to do for your business and the right thing to do for your patients or your customers’ patients 4. It’s the law!
  • 4. Meaningful Use Stage 1 Policy Goals It’s about health outcomes improvement in the US… 1. Improving quality, safety, efficiency, and reducing health disparities. 2. Engaging patients and families in their healthcare 3. Improving care coordination 4. Improving population and public health 5. Ensuring adequate privacy and security protections for personal health information
  • 5. The HITECH Act – Major Changes From a Privacy and Security perspective, here are five absolute “game changers” under HITECH: 1) Mandatory audits (Subtitle D, Part 1, Section 13411) 2) HHS non-compliance fines return to HHS’ coffers and within a few years (by law) individuals will participate in sharing the proceeds 3) State AGs can now bring civil actions on behalf of their citizens 4) Business Associates are now statutorily obligated 5) Data Breach Notification requirements
  • 6. Meet the HHS Data Breach ‘Wall of Shame’ http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/postedbreaches.html
  • 7. HIPAA Security-HITECH Compliance Roadmap [diagram]. Components shown: HIPAA Remediation Plan (HRP); Preliminary Remediation Plan (PRP); HIPAA Security Strategy (HSS); HIPAA Security Assessment (HSA); HIPAA Compliance Manual (HCM); HIPAA Security Evaluation (HSE); HIPAA Security Training (HST); HIPAA Risk Analysis (HRA); HIPAA Security Policies (HSP). Callouts: HIPAA Security is NOT a “techie” project; Focus of HSA ToolKit™; … A journey, not a destination!
  • 8. Purpose of the HSA ToolKit™ 1. Jump Start Your HIPAA Security Compliance Program 2. Establish A Progress / Benchmark Monitor 3. Quickly Identify “Low Hanging” Remediation Items 4. Develop a Solid Foundation for HIPAA Risk Analysis 5. Build Deep Understanding At The Onset 6. Get out in front of Meaningful Use requirements on ePHI security
  • 9. Contents of the HSA ToolKit™ 1. HIPAA Security Assessment ToolKit™ Contents document 2. How to Use the HIPAA Security Assessment ToolKit™ 3. Comprehensive HIPAA Security Assessment (HSA) Excel Tool™, including Instructions, Glossary of Terms, included with HSA Excel Tool, Policies Checklist, Resources & References 4. HIPAA Security – HITECH Compliance Roadmap™ 5. Preliminary Remediation Plan Candidate Items template 6. Data Mountain HIPAA-HITECH Security Rule FAQ 7. Iron Mountain HIPAA Primer – What You Should Know About the New Regulations 8. 2009 CMS' HIPAA Compliance Review Analysis And Summary of Results 9. Office of Civil Rights (OCR) HIPAA Security Standards: Guidance on Risk Analysis 10. Centers for Medicare & Medicaid Services (CMS) Security Standards: Implementation for the Small Provider 11. Complete copy of HIPAA Security Final Rule (45 CFR Parts 160, 162, and 164)
  • 10. Heart of the HSA ToolKit™
  • 11. Features and Benefits of the HSA ToolKit™. HSA ToolKit™ Features: Low Price and High Value; Short Duration; Development Team; Sound Methodology. HSA ToolKit™ Benefits: Low Risk; Easily derived immediate remediation steps; Fast Track to HIPAA Security Rule Compliance; Comprehensive tool and resources; Low Impact on Client Staff and Operations; Fast, Immediate Results; Proven Quality; Developed by Senior, Experienced Professionals; Health Care Expertise; HIPAA – HITECH Focused; Comprehensive, Complete Data Gathering; Based on Proven Best Practices; High-Quality, Credible Outcomes; Process View, No-Fault Appraisal; Baseline for Compliance Program
  • 12. Contact: Bob Chaput, www.HIPAASecurityAssessment.com, bob.chaput@HIPAASecurityAssessment.com. Connect: www.linkedin.com/in/bobchaput. Follow me: Twitter.com/bobchaput. HITECH Security Advisors, LLC