As the use of cloud, data processing, data storage, and "everything as a service" organizations has proliferated, so has the need for entities to understand and address the risks associated with managing sensitive information (PHI/PII) themselves as well as ensuring that their partners and business associates are doing likewise. This risk assessment process is required to comply with HIPAA, but the lack of standardized processes and prescriptive controls specified by the requirements in the HIPAA Security Rule make the self-assessment process, preparing for certification, and remediation of compliance gaps a hefty undertaking.
In this webcast, we will discuss two options, System and Organization Controls (SOC) reports and HITRUST Validated Assessments as well as related tools that Covered Entities (CEs) and Business Associates (BAs) can use to demonstrate meeting their HIPAA compliance obligations.
- Define HIPAA and its applicability to my organization, partners and customers.
- Describe the nature and purpose of the various attestation standards as they relate to HIPAA compliance efforts.
- Explain how to design and conduct a SOC attestation to focus HIPAA compliance.
- Utilize a HITRUST Validated Assessment to demonstrate HIPAA compliance.
- Identify additional resources from HTIRUST for managing HIPAA compliance including the MyCSF Compliance and Reporting Pack for HIPAA.
Please note: CPE credits are not awarded for webcast replay.
Recommended Field of Study:
- Timothy Davis, Director, Risk Advisory, Grant Thornton LLP
- Eric Ruzalski, Manager, Risk Advisory, Grant Thornton LLP
- Michael Parisi, Vice President of Business Development and Adoption, HITRUST
Group - Internet
If you have any questions or encounter any difficulties while enrolling, please contact technical support via email at webcastCOE@us.gt.com
, or visit our webcasting frequently asked questions page
If you are experiencing problems viewing or listening to an event, please review the event help guide
that provides minimum requirements and frequently asked questions.