Creating and Implementing Effective Security Policies
Before creating effective security policies and procedures it is important for organizations to understand the significant differences in these two terms. This presentation will explain why you need policies, the key steps to creating effective policies, whom to involve, and the characteristics of an effective policy.
In this session we will review these steps and create a draft policy example on training and its importance in policy creation, promulgation, enforcement and compliance.. We will also review the key HIPAA Standards and offer recommendations with regards to what should be included and why.
Why should you attend:
The key to the HIPAA Security rule compliance is creating, implementing and monitoring effective security policies. Organizations subjected to an OCR audit will be asked for their written policies and procedures. Policies are management’s desires on how they want the organization to operate and procedures are the process to implement management’s wishes. In this session, we will review techniques to create policies with muscle that are effective in reducing risks to the organization. HIPAA requires that organizations have written policies that are implemented.
Areas Covered in the Session:
Who Will Benefit:
- How to create policies and Procedures
- Educate your users
- Monitoring your Policies
- Establishing Security Sanctions for your Policies
- Information Security Officers
- Compliance Officers
- Chief Information Officers
Upon completion of this activity, participants will be able to:
- Explain the procedures and key steps to creating effective policies and the characteristics of an effective policy.