HIPAA/HITECH

The State of Healthcare Cybersecurity and Compliance: Is HIPAA Helping or Hindering Cybersecurity Efforts

Nicholas Heesters - HHS Office for Civil Rights  •   • 

An inside view of what HHS OCR is seeing on the healthcare sector privacy and security landscape, and what the agency has in the works to address those challenges. That includes: Insights from OCR's latest breach and compliance investigations of covered entities and BAs. An update on OCR's HIPAA enforcement...

Cybersecurity and Patient Privacy in Healthcare: The Balancing Act

Jennings Aske - New York-Presbyterian , Steve Chabinsky - White & Case , Joshua Corman - Healthcare Sector , Mark Eggleston - Health Partners Plans , Marianne Kolbasuk McGee - HealthcareInfoSecurity , Dave Summitt - H. Lee Moffitt Cancer Center and Research Institute  •   • 

How do you balance privacy with data exchange among clinicians, access for patients and medical breakthroughs for researchers? This session examines whether there's a "right balance" for protecting patients' confidentiality, bolstering cybersecurity and providing individuals with access to their own health data, while...

The Evolving Regulatory Environment and Its Impact on Privacy and Security of Online Medical Records

Vikrant Arora - Hospital for Special Surgery , Marianne Kolbasuk McGee - HealthcareInfoSecurity , Mitch Parker - Indiana University Health System , Iliana Peters - Polsinelli , Anahi Santiago - Christiana Care Health System  •   • 

Data protection legislation and regulatory enforcement actions are rapidly changing throughout the world, having an immediate impact on how organizations globally approach cybersecurity, privacy, breach notification and data storage and protection. Too frequently, however, U.S. healthcare organizations have built...

Cybersecurity and Healthcare: What Clinicians Need to Know to Protect Patient Privacy and Safety

Jack Lewin - Lewin and Associates LLC  •   • 

As information security threats intensify, organizations' risk management tasks are becoming disoriented - focused more on grappling with complex technology, an explosion of data, increased regulation and a debilitating skills shortage. This is a huge danger, because prompt action is required to interpret an...

Healthcare Organizations Under Attack: Protecting IP as Well as PHI

Archived Session  • 

Jonathan Cohen - Synchronoss  •   • 

Intellectual property and protected health information are both extremely valuable to cybercriminals, which is why hackers are increasingly targeting healthcare organizations. Increasingly, patients, providers, pharmaceutical companies and others are relying heavily on mobile devices to exchange sensitive information,...

We're at War: Cyberattacks a Wake-Up Call for the Healthcare Sector

Archived Session  • 

Deven McGraw - Department of Health and Human Services' Office for Civil Rights  •   • 

The hack of health insurer Anthem exposes data on 80 million Americans. A breach of an electronic health records vendor affects dozens of clinics. A California hospital pays a ransom to get data decrypted by hackers. These and other headline-grabbing breaches are getting the attention of CEOs and boards of directors....

Cloud Services, Delivering Security and Compliance to the Healthcare Ecosystem

Archived Session  • 

Ofer Elzam - Sophos , Adam Greene - U.S. Department of Health and Human Services  •   • 

As the healthcare ecosystem is comprised of a very wide variety of entities with a broad array of non IT based competencies, ensuring these disparate environments are connected, secure and compliant is a major challenge. Can the rapidly maturing cloud based services alleviate any of these challenges? They promise to...

Preparing for and Passing an OCR HIPAA Audit

Archived Session  • 

Kate Borten - The Marblehead Group , Adam Greene - U.S. Department of Health and Human Services  •   • 

The HHS Office for Civil Rights' much-delayed resumption of its random HIPAA compliance audit program is expected in the coming months. So now is the time to prepare. This session will cover the highest priority tasks that should be started immediately if not already underway to help lay the groundwork for a...

Vendor and Partner Management - Delivering Services While Managing Security, Risk and Compliance - A Collaborative Case Study

Archived Session  • 

Joey Johnson - Premise Health , Lee Penn - PDHI , Jared Rice - Wellness Corporate Solutions , Lisa Shaner - Cummins Engine Inc.  •   • 

TThe secure sharing of information throughout the fragmented health service provider ecosystem presents a significant challenge. The multitude of relationships and interactions each present a requirement for effective security, risk and compliance management. The current mechanism for managing these requirements is a...

Developing a Comprehensive Security Program and Creating a "Culture of Security"

Archived Session  • 

Cris Ewell - NRC Health , Alexander Hughes - Kaiser Permanente , Joey Johnson - Premise Health  •   • 

Typically the traditional Healthcare Information "culture" has not been managed or even significantly influenced by centralized IT or InfoSec personnel. The current environment can be heavily fragmented into various functional and geographic groups, each with very different governance programs and priorities which...

5 Case Studies on Improving HIPAA & HITECH Compliance

Archived Session  • 

Mor Ahuvia - Gemalto  •   • 

Not only are high-profile healthcare breaches driving home the need for improved security measures, but healthcare mandates are also urging providers and business associates to review their IT infrastructure and upgrade it to maintain compliance. And 2015 is particularly taxing on the healthcare industry: Half of...

How to Stop Worrying and Love the Cloud; Leveraging Cloud Services While Maintaining Security and Compliance

Archived Session  • 

William Hudson - VMware , Mitch Parker - Indiana University Health System  •   • 

Mention cloud services to healthcare IT insiders and responses will vary from caution and trepidation to earnest interest. The advantages of low cost, on-demand cloud-based services are clear. However, managing their use and matching an organization's developmental, compliance and risk requirements to the right...

Vendor Management - Security, Risk and Compliance

Archived Session  • 

David Szabo - Locke Lord LLP  •   • 

The highly fragmented but collaborative health service provider ecosystem, presents a significant challenge in providing reliable access to protected patient health information while keeping it private. How best can we ensure that business associates are taking all the necessary steps to protect patient data and...

Preparing for and Passing an OCR HIPAA Audit

Archived Session  • 

Kate Borten - The Marblehead Group , Mitch Parker - Indiana University Health System  •   • 

The HHS Office for Civil Rights' much-delayed resumption of its random HIPAA compliance audit program is expected in the coming months. So now is the time to prepare. This session will cover the highest priority tasks that should be started immediately if not already underway to help lay the groundwork for a...

2015 Healthcare Information Security Today Survey Results: Analysis

Archived Session  • 

Tom Field - ISMG , Marianne Kolbasuk McGee - HealthcareInfoSecurity  •   • 

In this session, we'll highlight the major findings from Information Security Media Group's new national survey of healthcare information security leaders. For example, an overwhelming majority of respondents were confident their organization would "pass" a Department of Health and Human Services HIPAA compliance...