For small and midsize hospitals, clinics and business associates with limited resources, developing an effective privacy and security strategy can be difficult. Federal regulators recently issued new guidance tailored for these organizations. But putting that guidance into action is challenging.
In this webinar, two security experts will sort through the latest guidance from the Department of Health and Human Services and provide a roadmap for conducting a successful risk assessment and building an effective privacy and security strategy.
Our speakers will:
Describe how federal guidance on risk assessments has changed - and what that means for your organization;
Review privacy and security requirements under HIPAA and the HITECH Act electronic health record incentive program;
Describe how to address the biggest compliance challenges for smaller organizations.
Many small and midsize hospitals and clinics are ramping up their privacy and security efforts as they implement electronic health records. Faced with limited resources and expertise, conducting a risk assessment and building a solid strategy for protecting patient information is challenging.
To help these organizations, the Department of Health and Human Services recently released a "Guide to Privacy and Security of Health Information" that provides comprehensive guidance on a variety of issues. For example, the guide offers insights on conducting risk assessments to comply with the requirements of the HITECH electronic health record incentive program as well as HIPAA.
This 47-page document is both comprehensive and extensively referenced. But extracting relevant information from the guide and putting it to use is a formidable task.
In this webinar, two experienced information security and privacy consultants will sort through the latest advice from HHS and provide insights based on their real-world experience on how smaller organizations can make the right moves to protect patient information.
In this webinar, you'll get tips on how to:
Interpret the latest federal guidance on risk assessments;
Carry out a risk assessment on a tight budget;
Comply with the privacy and security requirements under HIPAA and the HITECH Act electronic health record incentive program;
Develop an effective plan for training staff on privacy and security issues;
Weigh the risks and rewards of attesting to compliance with the HITECH EHR incentive program's "meaningful use" requirements;
Understand the effects of information security risks on patients and providers alike;
Learn why a "checklist" approach to privacy and security compliance is inadequate as well as how to guard against following other bad advice.
Premium Members Only
OnDemand access to this webinar is restricted to Premium Members.
Rebecca Herold is President of SIMBUS LLC, a cloud-based privacy and security firm and also CEO of The Privacy Professor, a consultancy. She is also author of 19 books on information security and privacy.
CTO, ACR 2 Solutions
Peterson is CTO at ACR 2 Solutions, a consulting firm that's a member of the Hewlett Packard Healthcare Alliance. In 2005 he wrote the original computer program that condensed thousands of pages of NIST guidance into an expert system computer model for banks, agencies, hospitals, clinics and business associates regulated under GLBA, FISMA, PCI or HIPAA. He has been working with expert system computer models since 1975 and has been awarded three U.S. patents and a national engineering award.