HIPAA Compliance and the Protection of Cyber Security

Breaches wreak havoc on healthcare organizations. One gap in your facility's infrastructure can leave private patient data wide open for those with malicious intent to take and use to their advantage. Electronic Health Records (EHRs) can be encrypted and made useless by hackers demanding a ransom and information can be sold to interested parties who can then use it for identity theft.

June 06, 2018
10:00am to 11:15am

← Back to Events


What


Frank Ableson, owner of navitend, a managed IT services provider will speak on HIPAA and Information Security to help you better understand how to identify and mitigate the risks your facility faces.  During this interactive discussion you will learn action items for practical controls and safeguards to put into place along with effectively managing your team in the face of digital threats.  The overall objective during this session is to help you improve the security posture of your organization.

Read through these common myths about risk assessments and then decide... should you attend this session?

1.  The security risk analysis is optional for small providers.  False. All providers who are “covered entities” under HIPAA are required to perform a risk analysis.

2.  Simply installing a certified EHR fulfills the security risk analysis MU requirement.  False. Even with a certified EHR, you must perform a full security risk analysis. Security requirements address all electronic protected health information you maintain, not just what is in your EHR.

3.  My EHR vendor took care of everything I need to do about privacy and security.  False. Your EHR vendor may be able to provide information, assistance, and training on the privacy and security aspects of the EHR product. However, EHR vendors are not responsible for making their products compliant with HIPAA Privacy and Security Rules. It is solely your responsibility to have a complete risk analysis conducted.

4.  A checklist will suffice for the risk analysis requirement.  False. Checklists can be useful tools, especially when starting a risk analysis, but they fall short of performing a systematic security risk analysis or documenting that one has been performed.

5.  My security risk analysis only needs to look at my EHR.  False. Review all electronic devices that store, capture, or modify electronic protected health information. Include your EHR hardware and software and devices that can access your EHR data (e.g., your tablet computer, your practice manager’s mobile phone). Remember that copiers also store data.

6.  I only need to do a risk analysis once.  False. To comply with HIPAA, you must continue to review, correct or modify, and update security protections. 

Why


A healthcare facility's leadership must understand and treat cyber security as a high priority, taking an active role in its oversight and development. As your organization increasingly relies on sensitive data stored on corporate networks, cyber security and risk management become more intertwined.

Where


2018 LeadingAge New Jersey Annual Meeting & Expo Harrah’s Atlantic City

Testimonials

  • "I look forward to working with you again in the future. Once again, thanks to your organization for your prompt response."

    Luke Wolters / Luke Wolters Tax Consultants
  • "Our company is more efficient and has grown as a result of navitend’s work. navitend helped us get to the next level."

    Greg Niccolai / Madison Insurance
  • "navitend has been a great IT partner for our company.  Their helpdesk response time is the best I have experienced in my 30 year career.  navitend has helped me to have great IT services without the need to have a full time, in house, technician at significant savings to our company."

    Bob Bradley, President, Bradley Graphics
  • “Navitend’s expertise helped our firm over the past year to effectively elevate our I.T. game, powering our website into a highly interactive tool. Well done to Frank and his team!”  

    Chuck Steege, CFP®, CEP, President, SFG Wealth Planning Services, Inc.
  • "I appreciate that they didn’t just build the application. They made it better by bringing ideas to the table that not only made for a better user experience, but also kept the development costs down."

    Andy Lynch / North Star Marketing
  • "Thanks so much again for taking care of everything in such an expedient manner. It's a pleasure to work with navitend and its staff as always!"

    Lawrence Wolfin / Textol Systems, Inc.
  • "Thanks so much!  You are a class act!  
    You and your team have really done an excellent job on this!"

    Steve Van Ooteghem, The C12 Group in Houston, Texas
  • "We've dedicated our lives to growing our retail and ecommerce business and it's a relief to have found a company like navitend who treats our business likes it's their own. navitend's personal approach to project management and problem solving are top-notch."

    Stamatis, Co-owner Twisted Lily, Fragrance Boutique and Apothecary