The TPRM Paradigm Shift: What You Need To Know

By | Previously Recorded

Managing third-party (“vendor”) risk in a holistic manner is a top priority for all organizations. Recent reporting highlights how malicious actors are targeting healthcare data and security weaknesses across the entire supply chain including the third parties that host data for their customers on cloud and hosted platforms.

The reality is that most organizations struggle with various elements of a holistic program not to mention more complicated processes like completing an effective third-party security assessment. The key to solving these challenges is to implement processes and tools that allow the organization to identify, monitor and manage security risks across several hundred third-party solutions within a dynamic, constantly changing environment that relies on many departments to work together in a cohesive fashion.

This webinar will help organizations understand the unique risks faced by healthcare organizations including:

  • Ensuring compliance and building a centralized third-party vendor Business Associate Agreement repository
  • Avoiding a “cookie-cutter” approach to assessing your third parties through a collaborative, third party-specific security questionnaire
  • Using Portfolio Manager to rate your risks
  • Leveraging workflow and process automation to scale your TPRM program
  • Accelerating risk assessments of new solutions during a crisis situation

Improve Your Security Posture with a HIPAA Security Risk Assessment (SRA)

By | Previously Recorded

Performing an SRA is a requirement under the HIPAA Security rule as well as leading risk management frameworks such as HITRUST and NIST. It’s also the key requirement in OCR’s HIPAA Audit Protocol. An annual HIPAA Security Risk Assessment is your opportunity to pause and focus on enhancing the overall resilience and strength of your information security program – and a key component of a complete risk management program.

During this webinar, we discuss:

  • Understanding HIPAA compliance and your responsibilities
  • Leveraging a HIPAA SRA as a foundation for compliance, security and risk management
  • Identifying key controls and how they align with the HITRUST or NIST security frameworks
  • Leveraging your SRA to prepare for an OCR HIPAA Audit
  • Steps you can take to create an ongoing program that prioritizes HIPAA compliance, remediation management and security risk management year round

Understanding HITRUST Scoping: Tips from an Experienced HITRUST Assessor

By | Previously Recorded

Scoping may well be the most critical phase of your HITRUST Certification process. During this phase you must identify the number of control requirements your organization needs to comply with in order to become HITRUST certified.

The larger your Scope, the more complex your Assessment.

Understanding the Scoping process helps organizations truly focus on what systems need to be scoped – saving the organization time and money while more efficiently managing their resources.

This webinar focuses on the intricacies of proper Scoping including:

  • What does HITRUST certify?
  • What is an Assessment Object?
  • Why are your business drivers so important to Scoping?
  • What factors define the Scope for your organization?
  • How do data sensitivity, type and volume of records affect Scope?
  •  The ins and outs of leveraging your cloud hosting provider’s HITRUST certification under the “Inheritance” benefit
  • Why do most organizations over-scope?
  • What are the “trap doors” of improper scoping?
Webinar : Understanding HITRUST Scoping: Tips from an Experienced HITRUST Assessor

Focused Security Risk Assessments – Remote Work in the age of COVID-19

By | Previously Recorded

Focusing and Improving Your Security Risk Assessment 

A basic yet critical practice for healthcare organizations is to perform a security risk assessment, at least annually, and whenever there is significant change in the environment – such as large scale remote work.

 Understand the security implications of remote work at this current unprecedented scale – and how best to prepare and respond to them. Remote Access SRAs evaluate your organization’s current remote access environment and the security risks that may be present. 

During this webinar, Intraprise Health security experts discuss:

  • What is the value to your organization of an SRA?
  • How an SRA is a critical component of crisis management preparedness
  • How to prepare for and execute your SRA
  • How frameworks can be used to enhance the SRA process
  • How to introduce quantitative analysis into your SRA
  • How the prioritized recommendations from your SRA can guide your risk program
  • How to determine your remediation approach


Maintaining vigilance for your healthcare organization includes staying focused on the fundamentals and maintaining solid security practices.


Focused Security Risk Assessments - Remote Work in the age of COVID-19 Slide
Webinar : Focusing And Improving Your Security Risk Assessment

HITRUST Essentials – Catapult Health’s Journey to HITRUST Certification

By | Previously Recorded

Catapult Health’s Journey to HITRUST Certification

Working with Intraprise Health, Catapult’s journey to certification took about one year—faster than many organizations. During this webinar, Joe Bell, Catapult Health’s VP of Technology discusses what he learned along the way to HITRUST certification, how it has impacted his organization and how it will change the way Catapult does business going forward.

Intraprise Health is one of the longest serving HITRUST External Assessors. We hold 2 seats on the HITRUST Assessor Council and one seat on the Quality Assurance Subcommittee.

Catapult Health is a National Preventive Healthcare Practice that has served over 600,000 patients.

Listen as Joe discusses where Catapult was at the beginning of their HITRUST journey—what procedures and processes were already in place—and what hurdles they overcame at each stage of the HITRUST journey.

Gain a stronger understanding of:

  1. Scoping and assessments
  2. Identifying Risks/Gaps
  3. Risk Remediation
  4. Testing/Validation

At the end of the webinar, participants will understand the phases of certification and how to work with a HITRUST Advisor to identify areas in your program that need improvement, remediate risk within your organization, and be well-prepared to submit an application for HITRUST certification.

HITRUST Essentials - Catapult Health's Journey to HITRUST Certification Slide
Webinar : HITRUST Essentials - Catapult Health Journey to HITRUST Certification

Performing an Annual Security Risk Assessment

By | Previously Recorded

What you need to know about a HIPAA SRA 

Listen as our security experts discuss:

The requirements for performing a HIPAA SRA under Federal and State law

  1. Regulations and guidance from HHS, OCR and other agencies?
  2. How often do you have to perform an SRA?
  3. What if you are HITRUST certified?
  4. How to review policy and process documentation
  5. How to assess your technical environment

Gain a better understanding of industry best practices, as well as:

  1. How to use frameworks to support your SRA
  2. What your resultant data should look like
  3. What are some of the most common mistakes organizations make when undertaking an SRA

Learn how to get the most out of your SRA and improve your security program

Listen to our webinar and gain a deeper understanding of the components of an SRA, as well as the deliverables you should have after the completion of an SRA.

HIPAA SRA Webinar Title Slide
Webinar : Performing an Annual Security Risk Assessment

Third-Party Risk Management: The essential elements of a strong program

By | Previously Recorded

Listen as our panel of cybersecurity experts share the elements of a strong third-party risk management program.

Gain a better understanding of:

  • What type of companies need TPRM and why
  • How to determine the potential risk a vendor brings to your organization
  • The key elements of assessing vendors and risk
  • How to scale from your current TPRM program to a stronger, more mature approach

Scaling Third-Party and Enterprise Risk Management

By | Previously Recorded

Listen as our panel of experts, including Valley Health’s CISO share information on building a strong security program. The panel discusses:

  • Trends behind the focus on TPRM
  • How Valley Health is approaching TPRM
  • Keys to a scalable TPRM program
  • Current solutions and emerging software platforms
  • How CISO’s can foster adoption within their organizations
Scaling Third Party Enterprise Risk Management Title Slide
Webinar : Scaling Third Party and Enterprise Risk Management

HITRUST Essentials

By | Previously Recorded

Listen as Michael Parisi from HITRUST joins Intraprise Health and discusses:

  • The benefits of HITRUST certification
  • What you should know as you begin your HITRUST journey
  • What types of information will be evaluated
  • How your Assessment will be scored
  • How you can best prepare for a HITRUST Assessment
HITRUST Certification Essentials Slide
Webinar : HITRUST Essentials Webinar
We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies.
Privacy Policy