Turning Good Information Security Into Good HIPAA Compliance

Attending HIMSS 2019 in Orlando next week? Don’t Miss Adam Greene’s session: Turning Good Information Security Into Good HIPAA Complianc

It may seem odd, but you can have a robust, mature information security program but terrible compliance. In fact, recent HIPAA audits revealed exactly that for organizations that had focused heavily on information security. This session will bridge the gap between good information security and good HIPAA compliance, addressing what the regulators are looking for and how their expectations differ from typical information security practices. It will provide practical takeaways regarding how to ensure that you are conducting a risk assessment and implementing a risk management plan that will pass muster with regulators, how you can ensure that you get credit for the good information security work you are doing and the regulators' expectations for policies and procedures.

Learning Objectives:

• Develop a risk analysis and risk management that is consistent with HHS Office for Civil Rights expectations
• Identify evidence of implementation of controls that can be used to respond to a regulatory investigation of HIPAA compliance
• Develop policies and procedures that have the level of detail that the HHS Office for Civil Rights expects
• Identify key areas of the Office for Civil Rights' interpretation of the HIPAA Security Rule that differ from standard information security practices
• Prepare for an Office for Civil Rights HIPAA Security Rule audit

For more information on HIMSS 2019, please click here. Hyperlink: https://www.himssconference.org/