This webinar will cover, in part, the kind of governance structure suitable for managing challenges related to BMDI IoT. It is critical to have a compliance governance structure that encompasses BMDI IoT because these types of devices will likely account for the majority of PHI data breaches going forward. Governance, as used herein, means a mechanism by which control and authority are asserted over the organization’s BMDI IoT program (i.e. not having a program is not an option, it’s just a question of whether your program is formal and coherent or ad hoc). Of course, governance is critical to the organization’s entire HIPAA compliance initiative.
However, criticality is heightened with respect to BMDI IoT because of the liability and reputational harm that can be caused by a breach. This web session will also discuss PHI access device tracking that is required by the HIPAA Security Rule. For BMDI IoT, asset registration and tracking should be accomplished via your BMDI IoT enrollment program. Tracking devices and applications that access PHI is a foundational part of risk analysis. Until an organization understands its “As Is” environment, it can’t hope to effectively analyze and mitigate risks.