The effectiveness of an IT security program is similar to military "readiness." It requires an organized and coordinated defense that is well-prepared and adequately equipped to meet the challenges of an ever-changing threat landscape.
Is your IT security program "battle-ready?" Join Redspin for a no holds barred session on why effective IT security cannot be achieved simply through HIPAA compliance, meaningful use attestation, or preparation for an OCR audit. Learn how your organization can achieve and maintain a state of security readiness, including:
Which threat is likely to present the most significant risk of PHI loss in the future;
The security precautions most frequently overlooked by healthcare providers;
The 5 key elements of a robust security program.
Since August of 2009, 552 large-scale breaches of PHI have been reported to HHS, impacting nearly 22 million people. OCR recently reported (somewhat to their surprise) that over two-thirds of the findings from their initial 115 HIPAA privacy and security audits were related to security issues, rather than privacy protection or breach notification.
Redspin believes that IT security is a foundational element to the success of the electronic health record program and, as such, a critical factor in the transformation of the U.S. healthcare industry. Yet, given the track record over the past three years, both government and industry efforts to safeguard PHI have clearly not been sufficient. As Susan McAndrew of OCR concluded, "There's a lot of work that needs to be done."
But past is often prologue. OCR itself has had to freeze its ongoing audit program until at least the next fiscal year. An issue as important as safeguarding PHI requires comprehensive and sustained efforts - akin to a military defense. Rather than simply being reactive to government regulations and HIPAA compliance enforcement initiatives, healthcare organizations should take a commanding role here. IT security is mission-critical; marshal the resources necessary to strengthen your security readiness.
In this webinar, we will openly discuss why HIPAA security regulations have not led to meaningful security improvements. Has too much focus has been put on checkbox compliance, breach news headlines and civil monetary penalties? Have eligible hospitals and other providers been moving too fast along the meaningful use path and not allocating sufficient time and resources to protect their IT infrastructure and safeguard PHI? We can't change the past. But we can offer a clarion call for the future by specifically outlining how healthcare organizations can develop and implement more effective security strategies.
Premium Members Only
OnDemand access to this webinar is restricted to Premium Members.
Berger is the President of Redspin (an Auxilio company), an IT security assessment company in Santa Barbara, CA. Under Berger's leadership, Redspin has become the leader in healthcare IT security, providing HIPAA risk analysis services to 135 hospitals, nearly 1,000 clinics, and many business associates. He is also the author of Redspin's annual "PHI Breach Report," a widely-cited resource on healthcare data breaches and their causes. In 1996, Berger received a commendation from the Oklahoma City Department of Health for his participation in a conference on "The Role of Technology in Disaster Preparedness." He is an honors graduate of Colby College in Waterville, ME.