Speakers

 

SLIDES - President's Welcome

 

Lee Kim, BS, JD, FHIMSS Director of Privacy and Security HIMSS North America	Predictions for 2015 and Beyond: Be Ready and Prepared for the Unknowable. It is now 2015.  2014 was indeed a turning point for healthcare information security: nation state actors, hacktivists, insider threat actors, and more.   Are we ready for increasingly sophisticated threats and threat actors?  This session will provide a retrospective view of key events in 2014 and a summary of HIMSS efforts in education and advocacy within the privacy and security arena.  Predictions pertaining to cyber threats and threat actors will also be provided for 2015 and beyond.   SLIDES
Mac McMillan, FHIMSS, CISM Chairman, CEO & Co-Founder CynergisTek, Inc.	The Importance of Cybersecurity in a Complex Threat Environment Healthcare executives continuously face more complex security threats and the need for an effective security is a business imperative. The key to a successful security program requires an understanding of cyber threats and needs leadership support to ensure necessary adoption. This session will identify threats and create necessary awareness of today's cybersecurity environment. Learning Objectives: Identify the most pressing cyber security concerns and trends that healthcare provider organizations face today Describe strategies for mitigating risk associated with cyber threats Implement proven strategies for creating cyber risk awareness and incorporating the proper protocol to ensure it is a part of an organization’s culture   SLIDES
Frederick J. Simon Special Agent/Assistant Coordinator FBI InfraGard, Los Angeles Cherie J.Kono Program Director FBI InfraGard, Los Angeles	FBI Cybersecurity Update
Tom August, CISSP Co-author, CISO Handbook Sajid Ahmed Chief Information & Innovation Officer MLK Hospital John Jaymes Good Samaritan Hospital Information Security Officer	Managing Business Associate Risks and Expectations Today, the Healthcare industry is facing a perfect storm of risk factors related to their third-party Business Associate relationships, such as:  Increased OCR attention and strong financial penalties levied in 2014 for HIPAA data breaches of Protected Health Information.  Many of these involved third-party Business Associates. 2013's HIPAA Omnibus Rule has imposed much stricter requirements for HIPAA data breach reporting for both CE's and BA's.  Additionally, increased pressure has been placed on covered entities to assess and monitor their third-party Business Associate risks.  Further, Business Associates are now being held accountable for compliance with HIPAA security requirements. Increased adoption of both Mobile and Cloud Computing technologies in order to provide improved patient care and lower costs.  However, many of these technologies and services are managed and controlled by third-parties.  An increasing number of reportable HIPAA data breaches at covered entities are being caused by either inadequate third-party security practices or the CE's failure to establish Business Associate Agreements with these third-parties. Please join our panel of distinguished Information Security professionals as they share their experiences, concerns and best practice ideas for managing the risks and expectations of Business Associate relationships.