The Medicare & Medicaid EHR Incentive Programs have changed since they began in 2011 and were widely known as Stage 1 Meaningful Use (MU).
Now they are officially known as the Promoting Interoperability (PI) Programs. One thing has remained constant since 2011: The mandatory requirement to do a HIPAA compliant Risk Analysis and Risk Management (RA-RM) each calendar year. However:
- Certified EHR products do not include RA-RM tools or instructions
- Use of a Certified EHR does not fulfill the RA-RM PI requirement
- The HIPAA Security Rule does not explain how to do RA-RM
- OCR's brief RA-RM guidance on its website created 10 years ago is based on a 2002 NIST manual that was withdrawn in 2012 and entirely superseded by another manual
- OCR has issued several versions of an 'SRA Tool' designed only for small providers based on different NIST manuals that also have been withdrawn and carries a disclaimer that use of the SRA Tool does not guarantee HIPAA compliance
This webinar will explain clearly CMS Promoting Interoperability program requirements for performing and documenting your annual, mandatory HIPAA Risk Analysis & Risk Management requirement and:
- The best RA-RM practices to protect your organization
- How to do a complete RA-RM in simple steps demonstrated by screenshots of interactive forms guiding any user through a HIPAA compliant RA-RM whether they have a technical background or not
- Why RA-RM is so important beyond meeting CMS PI requirements
Most important, you'll see how to identify and manage Risks to the Privacy and Security of protected health information (PHI) maintained and transmitted in any form that seriously endangers your organization's well-being. HIPAA RA-RM is easy to do step-by-step – when you know the steps.
Areas Covered in the Session:-
- The exact CMS Promoting Interoperability HIPAA RA-RM Required Measures you must attest that you have completed and documented
- HIPAA RA-RM in 3 Acts
- Act 1- Setup - Risk Analysis
- Assemble Information -Identify, Document and Assess the level of Risks
- Act 2 - Confrontation - Risk Management - Documented Actions to Manage Risks
- Act 3 - Resolution - Risk Management Program - Focused on your Organization's Risks- Documented and Active
- A realistic understanding of the danger senior management, owners, and organizations face if they fail to do HIPAA RA-RM
- Clear, easy to understand explanation of HIPAA Risk Analysis and Risk Management following NIST procedures demonstrated onscreen by illustrations from interactive software based on NIST procedures interlinked with HIPAA standards, implementation specifications, and compliance policies and procedures
- How administrative staff of Covered Entities and Business Associates of any size can complete a HIPAA RA-RM efficiently every year with step-by-step guidance even if they have never done one before.
Why should you Attend?
You must do a HIPAA RA-RM to qualify for Medicare & Medicaid EHR Incentive Programs. If you don't but say you did, you could not only be forced to give up the financial incentive; you could be subject to a criminal violation of the False Claims Act.
This webinar will show you what you need to do to meet the CMS HIPAA RA-RM measure, how to do a complete HIPAA RA-RM step-by-step and how easy it is to follow those steps when they are explained.
You should attend this webinar to learn why you must worry about not doing a HIPAA RA-RM properly - and how you can stop worrying by simply doing a HIPAA RA-RM as required every year.
Who Will Benefit?
Medicare - Medicaid enrolled Health Care Providers using Certified EHRs
- Health Care Provider Owners
- Health Care Provider Practice Managers
- Health Care Provider CFOs
- HIPAA Compliance Officials
- HIPAA Privacy Officers
- HIPAA Security Officers
- Health Information Technology Supervisors
- Health Care Provider Risk Managers
- Health Care Providers practicing as individuals or in small groups
- Health Care Provider Senior Management
- Attorneys for Covered Entities – In-house and Outside Counsel
- Compliance Committee - Health Care Provider Board of Trustees
- C-Suite Executives - all Health Care Providers
- Chief Compliance Officers - all Health Care Providers