Register Online - Add to Cart
Product ID: 396506EAU
 
Credit & Course Provided by:

Keeping PHI In and Hackers Out- Make Your Medical Records Theft Proof

OnDemand Webinar (78 minutes)

Understand the risks associated with personal confidential information so your organization can be prepared for multiple kinds of data breaches.

Health care providers hold a wide variety of highly confidential personally identifying information that can wreak havoc in the wrong hands. Breaches of health information can have serious consequences for both providers and patients, and risk management is essential to every organization. While it is impossible to prevent every security incident and data breach, a security management program helps an organization build a culture of concern, determine potential exposure, and manage risk to an acceptable level. This topic will help in-house counsel, risk management and data privacy and security professionals, and outside counsel recognize the current threat environment, map and categorize the organization's data and data flows, and implement a robust security management process to address the organization's unique needs.

Authors

Kimberly Metzger, CIPP/US, CIPM, Ice Miller LLP

Agenda

Importance of Data Security in Health Care: How Security Breaches Impact Patients and Providers

Current Cyber-Threat Environment

• External Threats to Data

• Internal Threats to Data

• Health Care: State of Readiness

Data Security Objectives: Confidentiality, Integrity, and Availability of Data

Data Classification

• Assessing Potential Impact of Security Breach (Low-, Moderate-, and High-Impact Data)

• Security Categorization/Classification Applied to Information Types (Restricted Data, Private Data and Public Data)

Overview of Federal and State Law

• HIPAA Security Rule

• Medicare/Medicaid EHR Incentive Programs ("Meaningful Use")

• Impact of State Law

Implementing a Security Management Process

• Organizational Leadership

• Documenting Findings

• Security Risk Analysis

• Action Plan

• Managing Risk

• Meaningful Use Security-Related Objectives

• Ongoing Monitoring, Auditing, and Updating

Special Issues

• The Cloud

• Mobile Devices

• Email and Texting

• BYOD

Security Update: Ocr Enforcement, Audits, and Settlements