Start Date: 9/23/2020 8:00 AM EDT
End Date: 10/2/2020 5:00 PM EDT
Venue Name: Via Location
HIPAA Security Risk Assessment services will include but are not limited to:
The West Virginia Primary Care Association (WVPCA)
is partnering with Online Business Systems
to provide on-site HIPAA Security Risk Assessments for West Virginia Community Health Centers.
Online Business Systems will perform the assessment to identify risks to the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI) as defined by the Department of Health and Human Services. Online will provide written recommendations regarding any identified gaps in compliance with HIPAA regulations. Online Business Systems will work with the health center to mitigate any identified gaps and help the organization work toward HIPAA compliance and the HITECH Act information security requirements. Estimated timing of Risk Assessment for clinics will be determined based on the number of clinics participating.
- HIPAA Compliance Gap Assessment
- Policy and Procedure Review
- Interviews with IT, HR, Training, Credentialing, HIM, Facility Managers
- Physical Security Inspection
- Review of Telehealth Processes and Procedures
- Assessment of Vendor Management Processes and Business Associate Agreements
- Development of Risk Assessment Report
Online’s approach is highly collaborative. At any point during the Security Risk Assessment, identified non-compliant issues will be communicated to the Points of Contact in a manner agreed upon during the kick-off meeting.
Each party will designate a Single Point of Contact (“SPOC”) that has the authority to represent such party and has decision-making authority for most matters. All material communications should be conducted through the SPOCs which will either be in writing or summed up in writing.
At the conclusion of this engagement, each health center will be provided a Security Risk Assessment Report, which will clearly identify any identified security risks and recommendations to assist in addressing identified risks as part of a Security Risk Management process. Upon request, Online will also provide a letter attesting to the fact that the organization conducted a security risk assessment on the given dates and an overall opinion on the compliance status of the organization.
This event is intended for Health Center Controlled Network (HCCN) participating FQHC's and LALs.
Please note that limited participation slots are available for CHC SRAs!!! Assessments will be provided on a first come, first serve bases.
Registration Closes October 2, 2020 at 5:00pm
: Classes or events sponsored by the West Virginia Primary Care Association (WVPCA) may be photographed, video-recorded, or audio-recorded. Attendance at a WVPCA class or event constitutes the consent of all attendees. The future broadcast, publication, or other use of photographs, videos, or recordings is solely at the discretion of the WVPCA.
: This project is supported by the Health Resources and Services Administration (HRSA) of the US Department of Health and Human Services (HHS) under grant #H2QC30254, entitled Health Center Controlled Networks for the amount of $910,000. These funds equal approximately 100% of the funding for this event. This information or content and conclusions are those of the author and should not be construed as the official position or policy of, nor should any endorsements be inferred by HRSA, HHS, or the US Government..