HIPAA Security Assessment Intro & Overview

  • View

  • Download

Embed Size (px)


Covered Entities and Business Associates – take control of your HIPAA Security – HITECH Act compliance program starting today! Our HIPAA Security Assessment Tool™ is the easiest, fastest and most popular way to establish a baseline scorecard and track compliance progress.

Text of HIPAA Security Assessment Intro & Overview

  • 1. HIPAA Security Assessment ToolKit Introduction and Overview Bob Chaput 615-656-4299 or 800-704-3394 bob.chaput@HIPAASecurityAssessment.com HITECH Security Advisors, LLC 1
  • 2. Disclaimers 1. We are not attorneys! Consult with your own legal counsel or advisors. 2. Information about and around HIPAA and HITECH continues to evolve. 3. HIPAA and HITECH rules and regulations are subject to lots of different interpretations. 4. Every effort has been made to insure that the information presented is correct, but we can cannot offer such assurances. 5. You should not rely on this information for legal purposes, but simply use it as a tool to raise your awareness.
  • 3. Why You Should Care! 1. Ensuring adequate privacy and security protections for personal health information is a key part of Meaningful Use 2. HITECH Act has raised the ante for HIPAA Security compliance significantly 3. Compliance is the smart thing to do for your business and the right thing to do for your patients or your customers patients 4. Its the law! 3
  • 4. Meaningful Use Stage 1 Policy Goals Its about health outcomes improvement in the US 1. Improving quality, safety, efficiency, and reducing health disparities. 2. Engaging patients and families in their healthcare 3. Improving care coordination 4. Improving population and public health 5. Ensuring adequate privacy and security protections for personal health information 4
  • 5. The HITECH Act Major Changes From a Privacy and Security perspective, here are five absolute game changers under HITECH: 1) Mandatory audits (Subtitle D, Part 1, Section 13411) 2) HHS non-compliance fines return to HHS coffers and within a few years (by law) individuals will participate in sharing the proceeds 3) State AGs can now bring civil actions on behalf of their citizens 4) Business Associates are now statutorily obligated 5) Data Breach Notification requirements 5
  • 6. Meet the HHS Data Breach Wall of Shame http://www.hhs.gov/ocr/privacy/hi paa/administrative/breachnotific ationrule/postedbreaches.html 6
  • 7. HIPAA Security-HITECH Compliance Roadmap HIPAA HIPAA Remediation Security is Plan NOT a Focus of HSA ToolKit (HRP) techie project Preliminary HIPAA Remediation Security Plan Strategy HIPAA HIPAA HIPAA (PRP) (HSS) Security Compliance Security Assessment Manual Evaluation (HSA) HIPAA (HCM) (HSE) HIPAA Security Risk Training Analysis (HST) (HRA) A journey, not a HIPAA Security destination ! Policies (HSP) 7
  • 8. Purpose of the HSA ToolKit 1. Jump Start Your HIPAA Security Compliance Program 2. Establish A Progress / Benchmark Monitor 3. Quickly Identify Low Hanging Remediation Items 4. Develop a Solid Foundation for HIPAA Risk Analysis 5. Build Deep Understanding At The Onset 6. Get out in front of Meaningful Use requirements on ePHI security 8
  • 9. Contents of the HSA ToolKit 1. HIPAA Security Assessment ToolKit Contents document 2. How to Use the HIPAA Security Assessment ToolKit 3. Comprehensive HIPAA Security Assessment (HSA) Excel Tool, including Instructions, Glossary of Terms, included with HSA Excel Tool, Policies Checklist, Resources & References 4. HIPAA Security HITECH Compliance Roadmap 5. Preliminary Remediation Plan Candidate Items template 6. Data Mountain HIPAA-HITECH Security Rule FAQ 7. Iron Mountain HIPAA Primer What You Should Know About the New Regulations 8. 2009 CMS' HIPAA Compliance Review Analysis And Summary of Results 9. Office of Civil Rights (OCR) HIPAA Security Standards: Guidance on Risk Analysis 10. Centers for Medicare & Medicaid Services (CMS) Security Standards: Implementation for the Small Provider 11. Complete copy of HIPAA Security Final Rule (45 CFR Parts 160, 162, and 164) 9
  • 10. Heart of the HSA ToolKit
  • 11. Features and Benefits of the HSA ToolKit HSA ToolKit Features HSA ToolKit Benefits Low Risk Easily derived immediate remediation steps Low Price and High Value Fast Track to HIPAA Security Rule Compliance Comprehensive tool and resources Low Impact on Client Staff and Operations Short Duration Fast, Immediate Results Proven Quality Developed by Senior, Experienced Professionals Development Team Health Care Expertise HIPAA HITECH Focused Comprehensive, Complete Data Gathering Based on Proven Best Practices Sound Methodology High-Quality, Credible Outcomes Process View, No-Fault Appraisal Baseline for Compliance Program 11
  • 12. Contact Bob Chaput www.HIPAASecurityAssessment.com bob.chaput@HIPAASecurityAssessment.com Connect: www.linkedin.com/in/bobchaput Follow me: Twitter.com/bobchaput HITECH Security Advisors, LLC 12