For answers to these questions and more, check out the Healthcare Information Security Today webinar. Howard Anderson, news editor at Information Security Media Group, presents an overview of the survey's top findings, then leads an expert panel in a discussion of key topics. Sponsor of the survey is RSA, the Security Division of EMC.
The panelists include: Dan Berger, CEO of Redspin; Michael Bruemmer, vice president of Experian Data Breach Resolution; and Tom Walsh, president of Tom Walsh Consulting. They'll address critical issues, including:
How can organizations work with their business associates to help prevent breaches?
What are the top mobile device security issues that need to be addressed?
What's the key to a truly successful privacy and security training program?
As major health data breaches continue to grab headlines, and as federal regulators step up enforcement of privacy and security requirements under the new HIPAA Omnibus Rule, healthcare organizations face the challenge of ensuring patient information is adequately protected. What are their key action items?
In an overview of the Healthcare Information Security Today survey results, Howard Anderson, news editor at Information Security Media Group, covers a broad range of issues:
Breach Prevention Efforts
Healthcare organizations are more confident in their ability to thwart external threats than their ability to mitigate internal threats. The survey identifies top breach prevention strategies.
Encryption and Authentication
The survey confirms that healthcare organizations still have a lot of work to do in implementing these technologies.
Risk Assessments: A Status Report
HIPAA and the HITECH Act both require current risk assessments. Yet the survey shows about a third of organizations have not conducted an assessment within the past year.
Top Security Priorities and Investments
Top priorities for the year ahead include improving regulatory compliance, boosting security education and preventing and detecting breaches. Top investments for the year ahead are an audit tool or log management system, a data loss prevention system and a mobile device management system.
BYOD Widespread, But are Protections Keeping Up?
A majority of organizations allow clinicians to use personal mobile devices for work-related purposes. But mobile security policies are still evolving.
Following the survey overview, Anderson convenes a discussion of the findings with a panel of experts.
Premium Members Only
OnDemand access to this webinar is restricted to Premium Members.
Berger is the President of Redspin (an Auxilio company), an IT security assessment company in Santa Barbara, CA. Under Berger's leadership, Redspin has become the leader in healthcare IT security, providing HIPAA risk analysis services to 135 hospitals, nearly 1,000 clinics, and many business associates. He is also the author of Redspin's annual "PHI Breach Report," a widely-cited resource on healthcare data breaches and their causes. In 1996, Berger received a commendation from the Oklahoma City Department of Health for his participation in a conference on "The Role of Technology in Disaster Preparedness." He is an honors graduate of Colby College in Waterville, ME.
Vice President, Experian Data Breach Resolution
Michael Bruemmer is Vice President, ExperianÂ® Data Breach Resolution at Experian Consumer Services, the leading provider of online consumer credit reports, credit scores, credit monitoring, other credit-related information, and protection products. With more than 25 years in the industry, Michael brings a wealth of knowledge related to business operations and development in the identity theft and fraud resolution space where he has educated businesses of all sizes and sectors through pre-breach and breach response planning and delivery, including notification, call center and identity protection services.
President, Tom Walsh Consulting
Walsh, CISSP, is president of Tom Walsh Consulting firm that advises healthcare organizations on risk management strategies, risk analysis, disaster recovery planning, security training, and remediation activities. Walsh also serves as information security officer at San Antonio Community Hospital on an outsourced basis. He serves as the information security consultant for several organizations including a community-based hospital, a multi-hospital health system, and a large physician organization. Prior to starting his own business nine years ago, Walsh's experience included being the first information security manager for a large, multi-hospital healthcare system in Kansas City.