HIPAA Security for Employer Plans and Business Associates

A Framework for Compliance

For one registration fee ($279), you and your co-workers can gather in one room to attend the web seminar together via a single web connection.

How safe is your electronic health information? With enhanced penalties and heightened enforcement plus new rules that make business associates directly subject to the security requirements, effective compliance with HIPAA’s security rule is more important than ever. Whether your organization sponsors employee health plans or provides plan services as a business associate, gather your benefits, IT, and risk management professionals for this 90-minute web seminar and let our experts translate HIPAA security standards into plain English and provide a framework for achieving compliance.

Originally presented on June 9, 2011.

Seminar Level

Intermediate Difficulty

Topics Covered

Here’s some of what was covered:

  • Identifying electronic protected health information (ePHI) subject to the HIPAA security rule, and distinguishing other electronic information held by employers that may be outside the rule.
  • Assembling an interdisciplinary security team and designating your security official.
  • Conducting the required risk analysis, including how to identify and inventory where ePHI is used and maintained throughout your organization, who has access to it, and what risks threaten its confidentiality, integrity, and accessibility.
  • Assessing compliance with HIPAA’s 22 security standards and 41 implementation specifications, including the difference between “required” and “addressable” specifications and examples of the most common issues.
  • Documenting the results, including how to develop effective policies, procedures, and workforce training.
  • Business associate impacts, including amendments to business associate agreements and the need for the business associate’s own risk analysis, policies and procedures, and workforce training.


Speakers: John R. Christiansen and Aline G. Haffner. Mr. Christiansen is an attorney and principal in Christiansen IT Law in Seattle. He is a frequent national speaker and, among other positions, serves as Chair of the ABA’s HITECH Business Associates Task Force. Ms. Haffner is an attorney, Senior Editor at EBIA, and the Editor and a Contributing Author of EBIA’s HIPAA Portability, Privacy & Security manual.

Handouts: A handout of the seminar slides and other information is provided through download.

Viewing Details

  • Accessing the recorded web seminar: After you purchase a recorded web seminar, you will receive an email with access information. You and your co-workers (not clients or others, please) may then view the recording as many times as you wish for 60 days. An Internet connection is required to view the recording; it can be stopped and started as needed and has a table of contents for easy navigation.
  • Recordings are accurate as of the date presented: Our recordings are accurate as of the presentation date of the live seminar. We supplement handout materials with articles from the EBIA Weekly covering significant later developments. You must check the table of contents at your access link for updates before viewing a recorded seminar.
  • Please respect our copyright: Do not record the web seminar. Share the access link and materials only with those employed by your company (not clients or others, please). For details on our copyright policy, please visit our Copyright page.

System Requirements for Recorded Web Seminars

EBIA uses WebEx technology for the seminar.

EBIA Weekly

Keep up on all the latest developments with our
FREE email newsletter.

Sign up for EBIA Weekly!

Weekly Archives »

Web Seminars

View all »

Search help »

News and Information

View all »