The Security Risk Assessment – Why Should it be done, and How Best to do it


A risk assessment, consisting of a thorough analysis and categorization of the healthcare organization’s data, computer software, hardware, physical location, and employee access and responsibilities, is the first and most crucial step that any organization has to take in developing its plan to protect its health card data and systems.

Any organization in the healthcare sector should ideally catalogue each of these areas, identify potential vulnerabilities, and assess the impact of each vulnerability and its likelihood of happening. The organization should also estimate the costs of the vulnerability, as well as the potential costs to remediate that vulnerability, should the need for it arise.

Once the organization has built this information, it can make sensible decisions on the type of security program it needs, how that program fits within the organization’s budget, what its capabilities and strategic plan are, and what its next steps should be. This detailed step-by-step process should be the preferred method for any organization.

However, most healthcare organizations are at sea when it comes to formulating and implementing these steps. Many do not even know whether their entity is protected against security threats, computer viruses, data breaches and shutdowns, or where to start.

This is where security risk assessment is of immeasurable importance. It is the foundation for all of an organization’s security plans, procedures and policies. An absence of such an assessment throws the whole security network into chaos, leaving the organization clueless about which of its data and systems are at risk, what it currently has in place, and where it may be vulnerable.

To help clear up this confusion, MentorHealth is organizing a very valuable learning session. This reputable provider of professional training for all areas of healthcare will offer complete clarity on these and related issues at the webinar it is organizing on May 8. Stanley Nachimson, the principal of Nachimson Advisors, a health IT consulting firm, will be the expert at this 60-minute session.

Please register for this learning session by visiting http://bit.ly/2VIefOT.

————————————————————————————————————-

The aim of this session is to help participants clear up any confusion they may have around putting a security risk assessment plan in place. Many organizations may not be clear on even basic questions such as where to start. The most important fact that they need to keep in mind is that they are at risk of HIPAA violations and of losing CMS funding for their Electronic Health Record activities if they have not got their security risk assessment right. This webinar is aimed at any healthcare entity that has not done risk assessments on a regular basis (preferably at least once a year) and that could have an issue with its security risk assessment.

Aimed at Security Officers, Privacy Officers, CIOs, CSOs, Physician Office Managers and Healthcare Provider Managers, this webinar will cover the following areas:

  • Definition of Risk Assessment
  • Federal Regulatory and Compliance Requirements for the Assessment
  • Identifying what Needs to be Assessed
  • Defining the Data that an Organization Holds
  • Looking at Internal Systems
  • Identifying Vendors and Partners and their Risks
  • Risk Assessment Tools
  • How to Prioritize your Risks and Remediation.

———————————————————————————————————-

About the speaker: Stanley Nachimson’s firm serves a number of clients, including the Cooperative Exchange, EHNAC, and InstaMed. It focuses on assisting health care providers, vendors, and plans with understanding the regulatory environment, assisting in implementation of regulation requirements, and providing advice on HIT industry status and trends.

Stanley is the author of the authoritative paper on the cost of ICD-10 for physician practices, and is an active member of HIMSS, WEDI, and X12.

 

 
