Mastering HIPAA HITECH Security Risk Assessments: A Step-by-Step Compliance Guide
Brian L. Tuttle
April 04,2025
1:00 PM EST
90 Minutes
Recorded Webinar
How to Conduct a HIPAA HITECH Security Risk Assessment
This course will cover the proper methodologies on conducting a HIPAA Risk Assessment based on the formula used by Federal auditors and via the guidelines of the NIST (National Institute of Standard for Technologies). The course will also cover the most important aspects to be aware of in terms of the Federal auditing process as well as the new risks regarding patients suing for wrongful disclosures.
Areas Covered:-
- Updates for 2025
- Policies and Procedures
- Risks
- Business associates and the increased burden
- NIST based Risk Assessment
Why Should You Attend?
Have you done a HIPAA Risk Assessment? Do you know that a risk assessment is the first thing the Feds will ask for in an audit? Is your risk assessment adequate? Do you have written policies in place for every single one of the implementation specifications of the HIPAA Security Rule (even ones that don't apply)? Do you know this is required?
I will show how to conduct a PROPER risk assessment point by point and how to avoid scams in the market. We will also be discussing the absolute importance of doing a risk assessment and that this is the first thing the OCR will ask for. I will instruct the listeners on how to write proper policies and procedures, which are to be based upon the findings of the risk assessment, and how to word the policies to satisfy the Fed. We will also discuss the importance of having policies that are consistent with your procedures and also discuss the negative ramifications of cookie cutter templates in the eyes of the HHS.
Who Will Benefit?
This webcast will be of a valuable assistance to the below audience.
- Healthcare business associates
- Practice managers
- MDs and other medical professionals
- Any business associates who work with medical practices or hospitals (i.e., billing companies, transcription companies, IT companies, answering services, home health, coders, attorneys, etc)
Companies/Organizations
- Private practice
- Hospitals
- Billing companies
- Transcriptions companies
- Home health groups
- Health insurance
- Ambulatory
- IT companies
- Attorneys
Association/Societies
- Practice Managers Associations.
Download the Order Form
Find More Healthcare Webinars
Revenue Recovery: Stop Unfair Insurance Denials and Recoupment
Upcoming New 2025 HIPAA Changes and Beyond
Complying with OCR Section 1557: Discrimination, Interpreters, Required Signs, and More
Medicare Provider Enrollment 101: Complete Enrollment and Credentialing Process for Providers
Did you know that this online training is included in the 3-Month All Access Pass?
For just $209, you can register for this session alone — or upgrade to the 3-Month All Access Pass for $999 and give yourself and your entire team unlimited access to all 100+ online trainings 2025-2026!
Brian L Tuttle is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 17 years of experience in Health IT and Compliance Consulting.
With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 22 years of experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as a compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.
In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR.
Almost all of Brian’s clients are earned by referral with little or no advertising.
Brian is well known and highly regarded in medical circles throughout the United States for his quality work and down-home southern charm Mr Tuttle has a Master’s Degree in The Study of Law from the University of Georgia and operates nationally out of Swainsboro, GA.
