Protect What You Collect: A Guide to HIPAA Risk Assessments

The Health Insurance Portability and Accountability Act (HIPAA) is a series of regulatory standards that outline the lawful use and disclosure of Protected Health Information (PHI) including Electronic Protected Health Information (ePHI). Any organization that is a Covered Entity or Business Associate under HIPAA regulations must complete an annual security risk assessment, then maintain a supporting risk management plan for a potential HHS/OCR audit.

The failure to comply with HIPAA regulations can result in substantial fines being issued – even if no breach of PHI occurs – while breaches can result in criminal charges and civil action lawsuits being filed. A data breach doesn’t just cost you money; it costs you time, resources, and trust.

Learn more about what a HIPAA Risk Assessment entails in this webinar. You will learn:

  • The framework Tego utilizes to conduct HIPAA Risk Assessments
  • The difference between a Covered Entity and a Business Associate and why both pertain to HIPAA compliance
  • Best practices for protecting patient data to avoid a breach or fine

This webinar is presented by Greg Manson, VP of Security, Audit, and Compliance at Tego.

    About the Presenter

    Greg Manson, Vice President of Security, Audit, and Compliance
    Following an 18-year career in senior IT management positions across the healthcare, medical device, and pharmaceutical industries, Greg transitioned to build the Security, Audit and Compliance department for a popular Raleigh-based MSP. He moved on to do the same for a national MSP servicing clients in all regions of the U.S. Those experiences exposed Greg to a broad spectrum of regulations, compliance initiatives, and the gritty world of fighting threat actors. His primary career objective is to help customers reduce risk to their IT systems and data. Greg brings a wealth of security, audit, and compliance experience to Tego, including identifying risk through assessment and mitigation; providing systems security management, internal audit, and governance solutions; leading SOC 2 Type 2 attestation and ISO 27001 certification initiatives; and managing client CMMC, PCI, HIPAA, SOX, GDPR, and CCPA programs.

    Greg is an ISACA Certified Information Systems Auditor (CISA) and a Certified Data Privacy Solutions Engineer (CDPSE). He recently became a CMMC-AB Registered Practitioner, allowing Tego to become a CMMC-AB Registered Provider Organization and positioning us to help our many customers in the Defense Industrial Base navigate the strict requirements of the Defense Acquisition Regulations Supplement (DFARS).

