Cyber Security

Speaker: Wes Morris, Senior Director of Consulting Services, Clearwater Compliance

Description – Cybersecurity remains a hot topic in most organizations’ minds – healthcare is no exception.  The U.S. healthcare market is an especially tempting target for attacks, given that medical records are worth up to 20 times as much as financial records when sold on dark web markets.  Privacy, especially complying with the HIPAA Privacy Rule, is also a top-of-mind issue since regulatory changes continue.  This training event will focus on these two critical topics, understanding that FQHCs and Look-Alikes operate in environments that don’t allow a great deal of investment in cybersecurity and privacy products and services.

After setting the stage with a brief review of the HIPAA Privacy and Security standards, we’ll move into discussing several topics, including:

• The Cyber Security Act of 2015, section 405(d) – the new practice that allows Health and Human Services some latitude in penalties in the event of an investigation, and how FQHCs can structure their programs to take advantage of the recognized security practices that may reduce penalties.
• Ransomware and steps every organization can take to reduce the risk.
• The Information Blocking Rule – what it is, how it affects healthcare providers, and considerations for FQHCs.
• Vendor Risk Management – vendors result in 60% of the breaches in healthcare, FQHCs and Look-Alikes must have strategies for their vendors and understand the risks.
• Potential changes to the HIPAA Privacy Rule