Description

HIPAA/HITECH requires each covered entity (physician practices, hospitals, pharmacies, health plans and others) and their business associates, to have security policies and procedures in place, and to conduct and document a Security Risk Assessment.  Not only is this a good business practice, it can help avoid a breach under HIPAA, which can have very serious financial and reputational consequences.  This internet activity enduring material will concentrate on the federal requirements for protecting electronic protected health information (ePHI), provide an overview of HIPAA security policies and procedures required for physician practices, and describe how to conduct the HIPAA-mandated Security Risk Assessment.

This internet activity enduring material was produced by Medical Mutual for Professionals Advocate and Medical Mutual policyholders.

About the Presenter:

Melissa (Lisa) Thompson, JD, MPH, is a health care lawyer and life sciences regulatory attorney practicing with LeClairRyan, PC, a national firm with offices in Annapolis, Maryland, and other locations across the country

Lessons

Security Risk Assessment