PRIVACY OFFICER ORGANIZATIONAL FUNDAMENTALS

Responsible for Your Organization’s Privacy and Security Program?
Make Sure Your Practice Is HIPAA Compliant – Even Though You Don’t Have the Training, Background (or even interest)

Master the Must-Know Essentials You Need to Oversee Your Practice’s Privacy and Security Program – in Just TWO Days

Reserve Your Place for Privacy Officer Organizational Fundamentals (a.k.a. “POOF”)

REGISTER NOW
POOF DES MOINES

Location: Wildwood Lodge, Clive, IA
September 25 & 26, 2019

 

 

Your practice is required to comply with HIPAA. And you know it’s important – for your organization and your patients.

But when you have zero experience or training to effectively handle the responsibility (not to mention your “real” job to do) … it’s hard to find the enthusiasm to take on such a complex and confusing project. It’s much easier to ignore the issue … and roll the dice that you won’t get caught.

We can help.

Give Us 2 Days … and We’ll Give You Everything You Need to Know

HIPAA compliance is vital – even for small healthcare organizations. A breach can leave you with a financial liability that could wipe out your practice … and impact your personal finances for decades. Plus, protecting your patients’ information is simply the right – and smart – thing to do.

Our 2-day training – Privacy Officer Organizational Fundamentals (what we affectionately call “POOF”) – will teach you everything you need to know to effectively oversee your organization’s privacy and security program – in just 2 days. Discover how to:

  • Design, implement and manage a Privacy and Security Program
  • Evaluate your program’s effectiveness … and plug gaps that leave you exposed
  • Assess vendors offering related services, so you get the protection you need – and a healthy ROI

Based on the Leading Privacy and Security Certification – and Customized for HIPAA

POOF starts by delivering the foundational knowledge that’s needed to take the International Association of Privacy Professionals’ (IAPP’s) Certified Information Privacy Manager (CIPM) exam.

IAPP is the largest and most comprehensive global information privacy community and resource. The CIPM is one of the leading privacy certifications for professionals who serve the data protection, information auditing, information security, legal compliance and/or risk management needs of their organizations.

You’ll then dive deeper into topics specific to HIPAA compliance … learning exactly how to apply solid privacy principles to your specific regulatory environment.

Using state-of-the-art tools and techniques, you’ll engage in hands-on training that teaches you exactly what to do when you get back to the office. By the end of the workshop, you’ll have a functional privacy and security program you can put to work immediately.

 

“Carosh’s POOF training provided me with an understanding of ways privacy and security breaches happen. The training provided me with the information and tools to properly have high quality and standards in the workplace. I appreciated being able to get feedback and my questions answered during training. I was able to ask for more clarification, so I can properly perform job duties. Due to the training, I feel more comfortable about privacy and security, and to share with staff the importance of privacy/security for the clients we serve on a daily basis. I now have built more policies and procedures to always have privacy and security first priority. I highly recommend this program for any healthcare professional who is committed to protecting patients’ privacy/security.”

Katie Detloff, BA

Chief Compliance Officer, Plains Area Mental Health Center

How You’ll Benefit By Attending

This in-depth training will empower you to:

  • Understand exactly what’s needed to safeguard your practice.
  • Protect patients’ valuable data from dangerous breaches.
  • Recognize privacy and security risks – and the potential employee errors that may leave you exposed.
  • Build a solid understanding of the Privacy Framework – the foundation for an effective privacy program.
  • Approach your program with solid privacy principles that apply to your regulatory environment (HIPAA, SOC 2, PCI, GDPR, etc.).
  • Increase your confidence at being able to handle this important role.
  • Gain peace of mind that you’re properly managing your organization’s privacy and security program.
  • Get a jumpstart on preparing to sit for the CIPM if you choose.*
  • Walk out the door ready to create your organization’s privacy and security plan.

Reserve your spot now.

* This course will help you begin to prepare for the IAPP’s CIPM exam. Additional studying will be required. We also cannot guarantee that you’ll pass the exam, as that depends on your commitment to preparation and your ability to learn the material.

Should YOU Attend?

POOF is designed for small- and mid-sized healthcare organizations that are committed to keeping private patient information secure, such as physician practices, dental practices, chiropractic clinics, eye care clinics, physical therapy practices, gastroenterology clinics, dialysis clinics, residential care facilities, home health care – you name it. If you provide any type of healthcare service and your office handles patient information and data … you need to be compliant with HIPAA – and you need POOF.

Whether:

  • You’re a full-time Chief Privacy Officer (CPO), Chief Security Officer (CSO), or Office Manager
  • Or your job scope has expanded to include management of your organization’s privacy and security program

POOF will give you the system, tools and guidance you need.

 

“But Our Practice Is Too Small to Count”

Have you told yourself that it’s OK to ignore HIPAA compliance because your practice is too small to be noticed by federal or state regulators? Think again.

It’s not a matter of IF you’ll experience a breach. It’s a matter of WHEN. And you’ll definitely be scrutinized once a breach occurs.

The results won’t be pretty.

  • You’ll face a minimum fine of $50,000 under federal regulations (and a maximum fine of $2.2 million if you experience the same breach in the same year).
  • You’ll receive additional fines under your state regulations, from Federal Trade Commission regulations, and from collateral regulations that are used to ramp up fines.
  • You’ll likely face a civil suit, where the average award is $1,000 per patient record — and the median-sized breach is 3,500 records.
  • And if it’s proven that you chose to ignore your compliance responsibilities, it’s considered “willful neglect” – and yes, that multiplies the penalties you pay.

And that’s just the start … because fines and penalties average only 15 percent of the total cost of a breach. You also have to pay to redo your policies and procedures, retrain your staff, and audit your program … plus recoup the loss in revenue you’ll suffer when your reputation takes a beating and patients abandon your practice.

“As far as the biggest surprise, just how involved it is. I think that risk of an incident with my small business is pretty small; however, if it does happen the fines are huge. So it is kind of like insurance – you hope you don’t need it, but if you do you want to make sure that it is comprehensive!”

Lacey Peters, M.A., CCC-SLP/L

Owner, Speech Language Pathologist, Teaching Tots to Talk

And Yes, Your Organization IS Already Experiencing Breaches.

(You Just Haven’t Uncovered Them Yet.)

Privacy and security breaches come in all types of disguises … from unauthorized access to patient records by an employee, to incorrect sharing of information (think accidentally sending a patient record to the wrong fax number), to improper disposal of old patient records, to flat-out theft by hackers.

In one industry survey, a whopping 96 percent of respondents indicated that they had suffered a data breach that involved the theft of patient data within the past 24 months.(1)

Most organizations don’t realize that they’ve experienced a breach until months later – if they notice them at all.

If you can’t afford hundreds of thousands of dollars in fines and penalties and losing 50 percent (or more) of patients who feel betrayed by your inability to protect them, you need POOF.

The 57 Most Important Things You’ll Discover

  • Your 10 main areas of responsibility as a privacy program manager
  • The real costs of poor privacy … and what most organizations overlook
  • Why privacy management is such a hot topic and growing industry – and why your organization can’t afford to ignore it anymore
  • The difference between “personal information” and “personal data” – and why your privacy program must protect both
  • Why privacy strategies must be customized to your organization (and why copying what another organization is doing leaves you vulnerable)
  • Ways to use technical and physical controls to protect information
  • Why audits are an important part of a proper privacy program … and how to pick your auditor
  • 7 questions to ask to ensure you identify and minimize the risk presented by business associates
  • The key privacy data protection laws you need to be aware of – including HIPAA and GDPR
  • Who most organizations overlook when designing and implementing privacy programs – and why this mistake could be fatal to your organization
  • Why keeping a data inventory is critical – and how to create yours quickly and easily
  • What your organization must master to be able to ensure that patient information remains secure
  • The “CIA” Information Security Triad … and how to use it within your organization to improve data security
  • How to calculate and analyze the true Return on Investment (ROI) in your privacy and security program
  • What you’re legally required to do when a privacy breach occurs
  • The 5 most common ways breaches occur
  • The 2 domains in CIPM Certification … and why you should care about both (even if you never plan to become certified)
  • The top 3 reasons organizations begin privacy programs
  • How your location affects what you’re required to do to protect “sensitive” personal information
  • The 3-step process for establishing a privacy program
  • Why a vision or mission statement is vital to creating a strong privacy program … and the 4 key elements to include
  • How to develop a privacy strategy for personal information
  • The 7 most common elements included in data protection regulations
  • 4 critical steps to developing a privacy framework
  • 6 phases for building a privacy team
  • What data inventories and risk assessments are … and how they help you get a handle on what you’re supposed to be protecting
  • The 9 key elements of a data inventory … and what most organizations overlook
  • How to establish the current baseline of what you’re doing to protect patient information … and use it to guide your next steps
  • The 4 phases of the privacy policy life cycle … and what you should do in each phase
  • What a privacy assessment is … and how to tell if your organization needs one
  • The difference between “education” and “awareness” when it comes to your privacy program … and the role that each plays in protecting patient information
  • 7 steps to starting a privacy maturity model
  • How to determine the privacy legal requirements you need to follow by asking 7 powerful questions
  • Think privacy is only your responsibility? No! These 6 departments all play a role
  • The 5 characteristics of good metrics … and how they’ll make it easier to monitor the effectiveness of your privacy program
  • The 10 types of metrics you need to develop to fully understand how well you’re protecting data
  • The #1 thing you need to know about your organization to interpret how the various privacy requirements affect you
  • Who within your organization should be involved in privacy (hint: you should not be the only one!)
  • The types of data that get collected in each department … and how to make sure everyone is conforming to regulatory practices when collecting, using and sharing information
  • The 11 principles of the proper management of data and information
  • The potential standards that determine how risk is identified, controls are selected and implemented, and risk is tracked
  • Two forms of privacy controls … and when to use each
  • 14 critical competency areas that need to be developed to improve information security … and what needs to be done in each area
  • The 7 fundamental principles of privacy by design … and how using them strengthens your privacy program
  • Which processes need to be analyzed with privacy metrics
  • The 5-step metric life cycle … and which most often get missed
  • One of the easiest ways to choose the metrics you’ll develop
  • 5 potential errors you can make when using metrics – and how to protect against them all
  • Your choices for how you’ll monitor metrics … and how to pick the right form for your organization’s needs and situation
  • Strategies for monitoring and analyzing the trends in your organization’s privacy and security program
  • What factors to consider when defining the value of an information asset
  • The 3 types of audits you need to conduct – and how often to use them
  • The most commonly overlooked and underestimated component of any privacy program
  • 3 things you must do when reviewing and monitoring the framework of your privacy and security program – and how often these things should happen
  • 11 stakeholders to notify when a breach occurs
  • A proven 5-step process for handling privacy and security incidents
  • 8 activities your response team should undertake as soon as a breach is discovered

And much more – reserve your spot now.

“Previous to my taking office the Privacy Officer had been passed between previous employees in other departments and the records were not up to date or complete as to what had been done to keep up with compliance. Figuring out where to begin was a daunting task. Roger Shindell has made the process of getting Louisa County up to speed and in compliance with the HIPAA Laws a very smooth transition.”

Sandi Elliot

County Auditor, Louisa County, IA - Southeast Iowa Link

Meet Your Privacy Mentor

POOF is taught by one of the country’s leading healthcare privacy and security experts, Roger Shindell, M.S., CHPS, CISA, CIPM, the CEO of Carosh Compliance Solutions. Roger currently chairs the HIMSS Privacy and Security Committee’s Risk Assessment Work Group and serves as a Council Member of AHIMA’s Privacy and Security Practice Council. He has more than 30 years of multidisciplinary experience and has served as an advisor and principal in healthcare, technology, and service companies.

Carosh Compliance Solutions is a leading provider of HIPAA compliance solutions and training. Our goal is to guide you through the process of creating a HIPAA privacy and security program as quickly and cost-efficiently as possible, so you can get back to doing what you do best – taking care of patients and clients.

What You’ll Receive

When you register for POOF, you’ll receive:

  • Instruction from a top healthcare privacy and security expert, Roger Shindell, M.S., CHPS, CISA, CIPM, the CEO of Carosh Compliance Solutions.
  • A spot in this 2-day, limited-seating training workshop. To make sure you get plenty of personal attention to have your questions answered, we keep the group small. (A $2,500 value)
  • A workshop binder containing slides, worksheets, checklists, resources and other tools. Capture your notes in the binder and refer to these materials again and again once you get back to the office. (A $500 value)
  • Breakfasts and lunches. We’ll arrange these meals so that you can maximize the time you spend networking with your peers. (Dinners are on your own.) (A $100 value)
  • A cocktail and networking reception. As the designated privacy officer for your organization (whether that’s your title or not), you bear a serious responsibility – and face numerous challenges few understand. Here’s a fun opportunity to meet, commiserate and brainstorm with your peers. (A $50 value)
  • Enrollment in Carosh’s POOF Implementation e-coaching program. This complimentary 8-week email series will help you break the tasks of implementing all you learn during POOF into manageable chunks. (A $1,000 value)
  • A private strategy session with a Carosh privacy and security expert. Use this session to map out your implementation plan or get advice for tackling your top implementation hurdles. (A $500 value)
  • A 60-minute group Q&A call for implementation guidance. Delivered about one month after the training, this session (delivered via teleconference) is where a Carosh privacy and security expert will answer your questions and help tackle your biggest challenges. (A $500 value)

That’s a total value of $5,150.

“The training was very informative. I had the chance to work with Carosh Compliance Solutions when updating the HIPAA program for the company I was previously working for. Attending this training enabled me to go a step farther and mentally put everything together as to why the policies and procedures are needed and important. The other participants at the training were amazing, and I learned more from their experience and insights, as well. I would highly recommend this training to anyone involved in privacy and security issues involved with a multitude of business types.”

Stephanie Lathrop

Iowa

2 Easy Registration Options

Clients regularly pay Carosh $30,000 or more to design, implement and manage a privacy and security program using the principles you’ll learn during POOF.

But you’ll invest a tiny fraction to master this material – just $2,499.

And to make registration easy, you can:

  1. Make a $500 deposit to lock in your spot (the balance is due 5 business days before the training)
  2. Or pay in full today so you don’t have to think about it again.

Your Delight Is Fully Guaranteed

Attend the entire training and participate in all of the activities. If you don’t agree that POOF teaches you what you need to:

  • Confidently design, implement and manage a privacy and security program
  • Evaluate your program’s effectiveness
  • Assess vendors offering related services

… simply turn in your course materials at the end of the day, and we’ll refund every penny of your tuition.

“It has given me a calm about moving forward and being in compliance, with no fear about what the future is going to hold because I’m going to be in compliance. If I use the very steps that you all have provided today it’s going to happen, it’s not a problem, and it’s just one less thing.”

Cheryl Carswell

Owner, Georgia Family Crisis Solutions

Want to Go All the Way and Prepare to Take the CIPM?
POOF will help

By completing POOF, you’ll be taking an important first step in preparing to sit for the IAPP’s CIPM exam. Becoming a CIPM is a powerful way to demonstrate your commitment to patient privacy and security, and will require additional study time, materials and fees. Join the below list of companies that rely on the IAPP for their privacy guidance and certifications:

Taking POOF doesn’t guarantee that you’ll pass your exam. But we’re here to support you until you do.

By upgrading your registration to include the CIPM preparation package, you’ll also receive:

  • An electronic copy of Privacy Program Management: Tools for Managing Privacy Within Your Organization, the textbook that IAPP uses for the CIPM. You’ll receive 24/7 access through the MyIAPP portal. (A $500 value)
  • A one-year membership in the IAPP, the largest and most comprehensive global information privacy community and resource. (A $250 value)
  • A test voucher to take the CIPM one time. (The IAPP warns that the exam is difficult and may require taking multiple times to pass.) (A $550 value)
  • Complimentary access to Carosh’s CIPM review sessions. Held via teleconference approximately once per month, these sessions give you the opportunity to get your questions answered by a CIPM. (A $1,200 value)
  • Attend POOF again, as many times as you wish before you pass the CIPM exam, for a steeply discounted rate of $250. (A $2,250 minimum value)

You’ll receive these additional benefits when you upgrade your registration to include the preparation package for an additional $900.

Reserve Your Place Now

Frequently Asked Questions

I don’t have a corporate credit card. How else can I pay?

For alternative payment arrangements, please call (877) 778-1816.

If this answers your question, reserve your spot now.

Are meals included?

Breakfast and lunch will be provided both days. In addition, you’re invited to a farewell cocktail and networking reception at the end of Day 1. Dinner is on your own both nights.

If this answers your question, reserve your spot now.

What is the schedule for this 2-day training?

Here is an overview of the POOF training schedule. (All times are Central Daylight Time.) Please note that the training will start each morning at the time listed. Throughout the rest of the day, there may be minor changes in the schedule.

Day 1 – Privacy & Security Fundamentals and Governance

Time | Session | Room
7:00am–7:45am | Registration Check-In and Welcome Breakfast | Conference Hall/Thunder Bay
7:45am–8:00am | Opening Remarks | Thunder Bay
8:00am–9:30am | Why Privacy Management? | Thunder Bay
9:30am–9:45am | Break/Networking | Thunder Bay
9:45am–12:00pm | Establishing a Privacy Program | Thunder Bay
12:00pm–1:00pm | Networking Luncheon | Thunder Bay
1:00pm–2:30pm | Strategic Management of Privacy | Thunder Bay
2:30pm–2:45pm | Break/Networking | Thunder Bay
2:45pm–5:00pm | Data Protection | Thunder Bay
Dinner: non-gratis

Day 2 – Privacy Operational Life Cycle

Time | Session | Room
7:00am–7:45am | Check-In and Networking Breakfast | Conference Hall/Thunder Bay
7:45am–9:30am | Assessing in Privacy Management | Thunder Bay
9:30am–9:45am | Break/Networking | Thunder Bay
9:45am–12:00pm | Protecting Data in Privacy Management | Thunder Bay
12:00pm–1:00pm | Luncheon/Breakout Session | Thunder Bay
1:00pm–2:30pm | Sustaining Privacy | Thunder Bay
2:30pm–2:45pm | Break/Networking | Thunder Bay
2:45pm–4:45pm | Responding to Security Incidents or Breach Events | Thunder Bay
4:45pm–5:00pm | Speaker Panel & Closing Remarks | Thunder Bay
5:00pm–6:00pm | Farewell Cocktail Reception | Thunder Bay
Dinner: non-gratis

If this answers your question, reserve your spot now.

Am I required to take the CIPM exam to complete this course?

No. POOF is based on the body of knowledge covered in the IAPP’s CIPM certification. It then goes one step beyond to add topics specific to HIPAA. Sitting for the CIPM is optional – and is not a part of this workshop.

If this answers your question, reserve your spot now.

Is the CIPM certification included?

No. POOF teaches the foundational information you need to pass the certification exam … but preparing for and taking the exam is something you will do on your own, outside of this workshop.

If you would like to take the CIPM exam and receive extra support, you may wish to sign up for our enhanced registration option, which offers: 

  • An electronic copy of Privacy Program Management: Tools for Managing Privacy Within Your Organization, the textbook that IAPP uses for the CIPM. You’ll receive 24/7 access through the MyIAPP portal. (A $500 value)
  • A one-year membership in the IAPP, the largest and most comprehensive global information privacy community and resource. (A $250 value)
  • A test voucher to take the CIPM one time. (The IAPP warns that the exam is difficult and may require taking multiple times to pass.) (A $550 value)
  • Complimentary access to Carosh’s CIPM review sessions. Held via teleconference approximately once per month, these sessions give you the opportunity to get your questions answered by a CIPM. (A $1,200 value)
  • Attend POOF again, as many times as you wish before you pass the CIPM exam, for a steeply discounted rate of $250. (A $2,250 minimum value)

If this answers your question, reserve your spot now.

I’m not sure if this is the right workshop for me. How can I be sure?

Let’s talk! We offer a variety of training solutions, and we’re happy to help you find the best path forward based on your organization, resources, time and interest. Call us now at (877) 778-1816 or book an appointment.

If this answers your question, reserve your spot now.

Who Should Attend?

The training can be beneficial to all executives, senior personnel, and individuals designated as the Chief Privacy Officer (CPO), Chief Security Officer (CSO), Office Manager and others.

Venue Information

Steak & Grapes
Address: 16920 Wright Plaza #118, Omaha, NE 68130
Phone: (402) 884-8966

For more information: https://www.steakandgrapesomaha.com/


Media Inquiries
For more information contact:

Mary-Louise Harkins
E-mail: Media@carosh.com
Phone: (219) 310-2499

* This course will help you begin to prepare for the IAPP’s CIPM exam. Additional studying will be required. We also cannot guarantee that you’ll pass the exam, as that depends on your commitment to preparation and your ability to learn the material. Contact us at Info@Carosh.com to learn more.

(1) “Second annual benchmark survey on Patient Privacy and Data Security,” Ponemon Institute.

Reserve Your Spot at POOF

Start By Picking Your City Below…

REGISTER NOW
POOF DES MOINES

Location: Wildwood Lodge, Clive, IA
September 25 & 26, 2019