Overview:

Before creating effective security policies and procedures it is important for organizations to understand the significant differences in these two terms. This presentation will explain why you need policies, the key steps to creating effective policies, whom to involve, and the characteristics of an effective policy.

In this session we will review these steps and create a draft policy example on training and its importance in policy creation, promulgation, enforcement and compliance..  We will also review the key HIPAA Standards and offer recommendations with regards to what should be included and why. 

Why should you attend: The key to the HIPAA Security rule compliance is creating, implementing and monitoring effective security policies.  Organizations subjected to an OCR audit will be asked for their written policies and procedures.  Policies are management’s desires on how they want the organization to operate and procedures are the process to implement management’s wishes.  In this session, we will review techniques to create policies with muscle that are effective in reducing risks to the organization.  HIPAA requires that organizations have written policies that are implemented.

Areas Covered in the Session:

• How to create policies and Procedures
• Educate your users
• Monitoring your Policies
• Establishing Security Sanctions for your Policies

Who Will Benefit:

• Information Security Officers
• Compliance Officers
• Chief Information Officers

Educational Objectives(S)
Upon completion of this activity, participants will be able to:

• Explain the procedures and key steps to creating effective policies and the characteristics of an effective policy.

CME Credit Statement
This activity has been planned and implemented in accordance with the Essential Areas and Policies of the Accreditation Council for Continuing Medical Education (ACCME) through the joint sponsorship of CFMC and MentorHealth. CFMC is accredited by the ACCME to provide continuing medical education for physicians.

CFMC designates this educational activity for a maximum of 1 AMA PRA Category 1 Credit™. Physicians should only claim credit commensurate with the extent of their participation in the activity.

Other Healthcare Professionals Credit Statement
This educational activity has been planned and implemented following the administrative and educational design criteria required for certification of health care professions continuing education credits. Registrants attending this activity may submit their certificate along with a copy of the course content to their professional organizations or state licensing agencies for recognition for 1 hour.

Disclosure Statement
It is the policy of CFMC and MentorHealth that the faculty discloses real or apparent conflicts of interest relating to the topics of the educational activity. All members of the faculty and planning team have nothing to disclose nor do they have any vested interests or affiliations


Obtaining Certificate of Credit

Colorado Foundation for Medical Care (CFMC) hosts an online activity evaluation system, certificate and outcomes measurement process. Following the activity, you must link to CFMC's online site (link below) to complete the evaluation form in order to receive your certificate of credit. Once the evaluation form is complete and submitted, you will be automatically sent a copy of your certificate via email. Please note, participants must attend the entire activity to receive all types of credit. Continuing Education evaluation and request for certificates will be accepted up to 60 days post activity date. CFMC will keep a record of attendance on file for 6 years.