Crucial Steps and Strategies in Managing Risks Under HIPAA & HITECH
The Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act have always been relentless when it comes to regulating, managing and protecting electronically stored information in healthcare facilities. Through the years, these acts have worked together to ensure that hospitals and other healthcare providers regularly conduct a thorough vulnerability assessment of their records. The government has also been closely monitoring their implementation, making sure that all areas of implementation are fully enforced. With the intensified enforcement of HIPAA and HITECH, compliance has also become tougher for the healthcare industry.
Listen as a panel of distinguished professionals organized by The Knowledge Group provides the audience with the framework of these two acts and the potential risk issues healthcare providers might face. Speakers, among other things, will discuss the key areas of a good vulnerability assessment. They will also offer steps and strategies to manage the different threats under HIPAA and HITECH.
This LIVE Webcast will discuss the following topics:
- HIPAA & HITECH - Overview
- Electronic Protected Health Information (EPHI)
- Updates and Developments
- Recent Audits and Litigated Cases
- Steps and Strategies to Manage Risks
Jason Ford, Chief Technology Officer and Chief Information Security Officer
- With HIPAA-HITECH being a loose framework, identifying holes and risks in your environment can be a challenge. Leveraging other frameworks can help with this. We will discuss how, and which tools can help.
- Discuss several key ways to prepare for an auditor to evaluate your systems and company processes.
- When applying controls to your systems, discuss how to avoid risks by continuously monitoring your environment for new threats.
Conor O. Duffy, Attorney
Robinson & Cole LLP
- HIPAA Fundamentals: too many entities still fail to meet basic requirements like conducting risk assessments and entering into business associate agreements; failure to address these fundamental requirements can lead to heightened regulatory scrutiny.
- Protecting highly sensitive data – tips for identifying and securing highly sensitive and high-risk data held by covered entities and business associates, including information concerning sensitive health conditions, and financial and other identifying personal information.
- Breach reporting obligations at the federal and state level – with almost all states having enacted security breach reporting laws, health care organizations must look beyond HIPAA’s Breach Notification Rule to assure compliance with reporting obligations in the event of a security incident.
- Ransomware: As ransomware attacks proliferate, proactively planning for a ransomware attack can help your organization mitigate the fallout.
Who Should Attend:
- HIPAA & HITECH Lawyers
- HIPAA Privacy and Security Specialists
- Information and Technology Lawyers
- Healthcare Insurance Managers
- Healthcare Services Professionals
- Healthcare Attorneys
- Healthcare Providers
- Compliance and Risk Managers
- Healthcare Privacy & Security Specialists
- IT Specialists in Healthcare Institutions
- Other Interested Professionals
As Chief Technology Officer and Chief Information Security Officer of Contegix, Jason Ford works at the forefront of innovative security technologies to develop solutions. Jason draws upon his 25 years of experience in advanced technology and infrastructure development to oversee the organization’s technical design, direction and security initiatives.
Those years of experience stem from working on a wide range of technologies in varying industries and agencies. Jason worked in the public sector for several years – first for the Chief Scientists of the Federal Bureau of Investigation developing innovative network and system technologies, and then with the Department of Treasury, creating an online platform for purchasing savings bonds. Working at private sector companies like Verio (since purchased by NTT Data), Jason learned even more about cloud hosting and managed services at large scale. He applied the knowledge he acquired there, in regard to processing and customer service, to the strong work ethic derived from his blue-collar background.
Before joining Contegix, Jason was CTO and co-founder of BlackMesh in Ashburn, VA. Jason co-founded BlackMesh in 2003 with a mission of providing customized and secure cloud service offerings with on-demand support for organizations of all sizes. BlackMesh was acquired by Contegix in June of 2017.
Conor Duffy is a member of Robinson & Cole LLP’s Health Law Group and its Data Privacy + Security Team. Mr. Duffy advises hospitals, physician groups, community providers, and other health care entities on general corporate matters and regulatory health law issues. He also counsels clients on compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other federal and state information security laws and regulations.
Print and review course materials
Method of Presentation:
Experience in health information privacy law
NY Category of CLE Credit:
Areas of Professional Practice
Contegix® provides cloud, application lifecycle management, and managed services to all markets from start-up to enterprise. Offering public (AWS & Azure), private, and hybrid cloud, they also serve as a trusted advisor for IaaS and PaaS. Contegix is the global leader in Atlassian hosting and has extensive capabilities with other application lifecycle management tools like GitHub, and CMS tools such as Drupal, Magento and WordPress. As a FedRAMP-authorized service provider, Contegix offers federal agencies secure cloud storage and solutions. The PaaS BlackMesh SecureCloud, provided by Contegix, meets strict government security guidelines, which puts them amongst the top FedRAMP-authorized providers.
Contegix services and technology are designed for the DevOps team, with the sole purpose of helping companies grow smarter and faster. By providing infrastructure, deep expertise, and talent they allow businesses and their developers to focus on company innovation and growth, rather than back-end management. As the premier Cloud Application Service Provider (CASP), Contegix bridges the gap between hosting providers who simply provide support to the OS level and MSPs who only go down to the OS level. Contegix provides support all the way up from the hardware to the app stack to ensure optimal performance of companies’ critical websites and applications.
State-of-the-art data centers, located in St. Louis, Kansas City, Las Vegas, Toronto, Reston, VA, Reading and Bethlehem, PA, Dallas, and Amsterdam, coupled with federal security and compliance certifications, allow Contegix to offer FedRAMP, FISMA, HIPAA and PCI compliant solutions to a wide range of geographically diverse customers.
About Robinson & Cole LLP
Robinson+Cole is a service mark of Robinson & Cole LLP, an Am Law 200 firm with approximately 200 lawyers in nine offices serving regional, national, and international clients, from start-ups to Fortune 500 companies. Since 1845, Robinson & Cole LLP has expanded to meet the changing needs of clients. The firm represents corporate, governmental, and nonprofit entities, as well as individual clients, in a wide range of matters, including corporate; business and insurance litigation; tax and tax-exempt; finance; public finance; land use, environmental and utilities, and real estate; health law; labor, employment, and benefits; intellectual property and technology; and government relations. For more information, please visit www.rc.com.