How to Perform a HIPAA Risk Assessment and Write Policies

Training Options Duration: 90 Minutes
Tuesday, October 30, 2018 | 10:00 AM PDT | 01:00 PM EDT

Overview: I will show how to conduct a PROPER risk assessment point by point and how to

also avoid scams in the market. We will also be discussing the absolute importance of doing a

risk assessment and that this is the first thing the OCR will ask for. I will instruct the

listeners on how to write proper policies and procedures which are to be based upon the

findings of the risk assessment and how to word the policies to satisfy the Fed. We will also

discuss the importance of having policies which are consistent with your procedures and also

discuss the negative ramification of cookie cutter templates in the eyes of the Fed.

Why should you Attend:

Have your done a HIPAA Risk Assessment?
Do you know a risk assessment is the first thing the Feds will ask for in an audit?
Is your risk assessment adequate?
Do you have written policies in place for every single one of the implementation specification

of the HIPAA Security Rule (even ones that don’t apply) – do you know this is required!!

Areas Covered in the Session:
NIST base Risk Assessment – how to conduct properly
How to avoid scams in the market
Risk assessment – is not a once and done, must be ongoing and typically annual
How to write policies and procedures based on risk

Who Will Benefit:
Practice Managers
Business Associates
Home Health
Medical Professionals

Speaker Profile
Brian L Tuttle, CPHIT, CHP, CBRA, Net+, A+, CCNA, MCP is a Certified Professional in Health IT

(CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified

Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP)

with over 18 years’ experience in Health IT and Compliance Consulting. With vast experience in

health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical

messaging, etc.) as well as over 18 years’ experience in standard Health IT with multiple

certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted

onsite and remote risk assessments for over 1000 medical practices, hospitals, health

departments, insurance plans, and business associates throughout the United States.

In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert

witness offering input related to best practices and requirements for securing and providing

patient access to protected health information. Mr. Tuttle has also worked directly with the

Office of Civil Rights (OCR) both in defending covered entities and business associates as well

as being asked by the Federal government to audit covered entities and business associates on

behalf of the OCR. Almost all of Brian’s clients are earned by referral with little or no


Brian is well known and highly regarded in medical circles throughout the United States for his

quality work and down home southern charm Mr Tuttle has a Master’s Degree in Health Sciences

from Georgia State University and works nationally out of Kennesaw, GA

Price – $139

Contact Info:
Netzealous LLC – MentorHealth
Phone No: 1-800-385-1607
Fax: 302-288-6884
Email: [email protected]
Webinar Sponsorship:
Follow us on :
Follow us on :
Follow us on :

Event Details

Registration is closed for this event.

Maurice Gilbert

Maurice Gilbert founded Corporate Compliance Insights in December 2008 to further the discussion and professional knowledge exchange of important, forward-thinking corporate governance, risk and compliance topics.

Related Post