Purchase any WEBINAR and get
10% Off
CODE: SAVE10
T&C applicable, please referFAQ
Validity : 14th Apr'24 to 24th Apr'24
HIPAA, Healthcare and Cybersecurity - New Threats to Health Information and New Guidance
- How the HIPAA Security Rule addresses Cybersecurity and how to use the rule to prevent cyber-attacks
- How Cybersecurity is different from other kinds of security issues and why it deserves special attention
- The NIST Cybersecurity Framework and how to use it to prepare for and respond to Cybersecurity events
- New initiatives by HHS to provide resources and information to assist during a wave of cyber-attacks
- The importance of regular, repeated training to help prevent the initiation of an attack on your systems
- How to respond to and follow up on an attack that may result in a breach of information
Overview of the webinar
In this session, we will examine how following the requirements of the HIPAA Security Rule and specifically taking into consideration cyber-threats can help a healthcare entity prepare itself to defend against cyber-attacks and the significant impacts to privacy, security and patient care and safety that can result. We will learn about the latest guidance and tools for assisting in preparation and response to cyber-attacks and what to do if the attack is successful and creates an incident that must be managed and recovered from.
Dealing with Cybersecurity begins with prevention of issues through good practices, good training and good people who know how to do the right thing. It is important to take reasonable precautions that follow good network practices for preventing and isolating malicious activity, including anti-malware, complex firewalling and network segmentation and monitoring. Staff and all users must be trained to not be the attack vector when a malicious actor sends a message that includes a link or attachment that can launch a devastating attack on your services and practices.
Overall, following the practices established in the HIPAA Security Rule can help prevent Cybersecurity incidents through appropriate consideration of current issues, including Cybersecurity, in Risk Analysis and Risk Mitigation planning.
When an incident does occur, it is important to have a prepared plan for how to evaluate and respond to incidents so that any damage is minimized and the appropriate notification of breaches takes place. And, finally, any incident is an opportunity to learn how to do better the next time through better avoidance and better response to Cybersecurity incidents.
Who should attend?
- Compliance Manager
- HIPAA Privacy Officer
- HIPAA Security Officer
- CEO
- Office Manager
- HR Director
- Privacy Officer
- CIO
- Records Release Manager
- HIM Manager
- Counsel
Why should you attend?
Healthcare information has been protected according to regulations under the Health Insurance Portability and Accountability Act (HIPAA) since 2003 but new attacks by malicious external actors (hackers) pose new threats to the confidentiality, integrity and availability of Protected Health Information (PHI). The National Institute of Standards and Technology (NIST) has released Cybersecurity guidance to assist with preparations to avoid and respond to threats, and HHS has launched a new Healthcare Cybersecurity Communications Integration Center (HCCIC) to assist healthcare entities in the event of cyber-attacks.
If you are not prepared to deal with Cybersecurity issues your organization can be brought to its knees. More than one healthcare entity has had to scrap its entire IT infrastructure to recover from an attack, at a cost of millions of dollars and entities that are not sufficiently prepared to deal with Cybersecurity issues may receive penalties from the US Department of Health and Human Services if a breach results.
Now is the time to be sure your Cybersecurity stance is strong and resilient and follows recommendations by HHS and NIST.
Faculty - Mr.Jim Sheldon-Dean
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more than 16 years of experience specializing in HIPAA compliance, more than 34 years of experience in policy analysis and implementation, business process analysis, information systems and software development, and 8 years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.