Part II: A deeper dive into the Risk Analysis
One of the most common non-compliance findings by the Office for Civil Rights (the governmental entity that enforces HIPAA) is failure to perform or performing an inadequate risk analysis. In this session, we will dive deeper into the risk analysis requirement and look at the structure of a risk analysis as well as best practices for performing, documenting and addressing the findings.
Click here to watch it now!
Dena M. Castricone, Esq., CIPP/US, CIPM
Dena is a privacy and healthcare attorney with over 17 years of legal experience. Prior to opening her own law practice, Dena served as the General Counsel and Chief of Privacy at one of the largest federally qualified health centers in the country. Also, Dena was a partner at the firm of Murtha Cullina LLP. At Murtha, she was the Chair of the Privacy and Cybersecurity group and a member of the Healthcare group. With an extensive background in privacy and cybersecurity, Dena advises healthcare providers and other businesses on compliance with various state, federal and international privacy laws and has substantial experience navigating health privacy challenges.
Sammy De La O, Director of Quality and Compliance at IT Direct
Sammy has been working in IT for 20 years, including as an engineer and quality manager. With the last 8 years focused on cybersecurity and compliance Sammy has focused on regulatory requirements for IT in the manufacturing, healthcare, life science and finance industries. Sammy maintains a passion for helping organizations grow stronger and more resilient through consistent and high-quality standards for IT and compliance.