Syllabus
- Brief overview of PCT’s Security Officer Training Program
- The Security Officer’s World
- The Security Officer’s role in the practice’s operations.
- The Security Officer’s role in the practice’s interface with government agencies, clients, and other outside entities.
- Federal and state authorities in the world of HIPAA compliance.
- A year in the life of a Security Officer
- Risk analysis, policies and procedures, training, and ongoing security activities.
- Managing security incidents, and responding when practice staff violate security policies.
- Your Security Risk Management Program
- Value and goals of a security risk management program
- Protecting clients and preventing client complaints
- Protecting the practice and its staff
- Preventing security breaches
- Resourcing staff members to perform their roles effectively and securely
- The PCT strategic model for security risk management: “Keep It In The Circle”
- A definition of “the circle” of security for client information
- Specific rules for how to establish and maintain a secure circle
- HIPAA Business Associates
- Staff using personal services and personal devices
- Providing staff with sufficient resources and guidance to perform their work roles
- Strategies and best practices for maintaining the secure circle
- Culture-setting
- Assessing staff needs
- Maintaining security of services and physical assets
- Ongoing risk assessment
- Maintaining security catalogs and security activity logs
- Working with staff to help them do their part in maintaining the circle
- Formal elements of a HIPAA-compliant security risk management program
- The cycle of activities in a HIPAA-compliant security risk management program
- Risk analysis
- Risk mitigation planning
- HIPAA-compliant security policies and procedures
- HIPAA-compliant security training schedules
- Ongoing activities for security and for compliance with HIPAA’s Security Rule
- Practice operations activities that are explicitly required by HIPAA’s Security Rule
- Where in the cycle should your practice start?
- The cycle of activities in a HIPAA-compliant security risk management program
- Value and goals of a security risk management program