Remediation Steps Post Preliminary Security Risk Assessment for FQHCs


When: 4/17/2014
2:00 PM
Where: Webinar
Presenter: Jay Trinckes, Vice President of Information Security at OSIS
Contact: Faiyaz Syed, MD, MPH
517.827.0887

Webinar 5 in the 5-part series

Over the past month, participating Federally Qualified Health Centers underwent a preliminary security risk assessment review. This webinar is dedicated to reviewing the preliminary security risk assessment results. It will cover an overview of issues identified across all participating organizations and will provide some specific recommendations to the individual participating members to mitigate any noted findings. Based upon permission granted by the member, there may be discussions around specific issues. To register, click here.

 

Overview

Michigan Primary Care Association (MPCA), in partnership with Ohio Shared Information Services (OSIS), is proud to present its 5-part HIPAA Compliance/Security Risk Assessment Series. Over the next three months, a series of webinars focused on HIPAA Compliance, Meaningful Use requirements and Security Risk Assessment will be offered by MPCA’s Michigan Quality Improvement Network (MQIN) to all interested Michigan Health Centers. These webinars are intended to educate participants about the requirements of the HIPAA/HITECH Privacy/Security Rules, about attesting to their Meaningful Use requirements, and about the need for having a Risk Assessment done. The series will begin with an introduction of the requirements to set the regulatory environment baseline. The remainder of the webinars will address the importance of elevating security to the board room and specific requirements of Meaningful Use. The series wraps up by assisting the participating Health Centers in performing a preliminary security risk assessment; following this, specific recommendations will be provided to increase each organization’s level of security and compliance. Throughout the series, a professional expert with OSIS will be available to provide advice to participants regarding their individual compliance efforts. Participants of this series will gain valuable information to take back to their organizations to assist them in strengthening their risk management and HIPAA compliance program.

 

Why the webinar series?

Health Centers are facing ever-increasing regulations as changes in HIPAA/HITECH took place from the finalization of the Omnibus Rule, along with increasing security requirements related to electronic health records through Meaningful Use incentives.

Why should Health Centers be concerned? Health information has become a ‘hot’ commodity in the underground markets and is about ten times more valuable than financial information such as that associated with credit cards. Why is health care information so valuable? Individuals can resell insurance information to people who don’t have insurance; they can gain access to prescription drugs; and, of course, they can steal identities to open up fraudulent accounts. Medical identity theft is the fastest-growing crime and has grown over 20% since 2012, costing the U.S. close to $31 billion a year. In addition, it can cost an individual over $20,000 to resolve a case of medical identity theft.

Civil monetary penalties and class action lawsuits are always a big concern to consider if your Health Center ever falls victim to a security breach. Data security breaches cost the U.S. health care industry $6.5 billion annually. On average, it costs a health care organization $233 per individual record breached, with the full cost of a breach to a company averaging $5.4 million. Considering that federal civil monetary penalties for a privacy/security violation can cost $50,000 per violation with an aggregate limit of $1.5 million per year, and that OCR has collected over $50 million to date from enforcement activities, it is definitely more cost effective for a health center to be HIPAA compliant.

Individuals attesting to Meaningful Use are claiming federal funds and should be aware that providing any false, incomplete, or misleading information could subject them personally to civil and criminal penalties. It is imperative that you complete your risk assessment today and comply with the HIPAA/HITECH Privacy and Security Rules.

At the end of the day, being HIPAA compliant is about protecting your organization’s information, revenue, and reputation.

 

Presenter:

Jay Trinckes is Vice President of Information Security at OSIS, a 501(c)(3) non-profit organization that assists Federally Qualified Health Centers with Information Technology and security related services to improve the quality of care delivered to the underserved population. Mr. Trinckes is the author of “The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules” (CRC Press, 2012) and “The Executive MBA in Information Security” (CRC Press, 2010). Recently, Mr. Trinckes has presented on the topic of HIPAA and other related Information Security topics across the country through RAC Monitor, NWRPCA-CHAMPS Conference, NACHC-FOM-IT Conference, and locally through HRSA regional group. Mr. Trinckes is scheduled to present on HIPAA at the Practice Management Institute’s National Conference held in Chicago, Illinois this May. Mr. Trinckes holds a Bachelor’s Degree in Business Administration/MIS along with several certifications such as the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), National Security Agency (NSA) INFOSEC Assessment Methodology (IAM), and INFOSEC Evaluation Methodology (IEM). Mr. Trinckes brings a wealth of knowledge in information security through his hands-on experience performing risk assessments, vulnerability/penetration tests, developing information security management programs, and from his experiences as a former law enforcement officer.
