Webinar Healthcare, Cybersecurity, and HIPAA: New Threats to the Confidentiality, Integrity, and Availability of Health Information by Jim Sheldon-Dean

01:00 PM EDT | 10:00 AM PDT | 12:00 PM CDT Duration 90 Minutes

Webinar Includes : All the training handouts , certificate ,Q/A and 90 mins Live Webinar

"Presented By Top HIPAA Expert Jim Sheldon-Dean (Founder and director of compliance services at Lewis Creek Systems, LLC)"

How to respond to and follow up on an attack that may result in a breach of information


Healthcare information has been protected according to regulations under the Health Insurance Portability and Accountability Act (HIPAA) since 2003 but new attacks by malicious external actors (hackers) pose new threats to the confidentiality, integrity, and availability of Protected Health Information (PHI).  The National Institute of Standards and Technology (NIST) has released Cybersecurity guidance to assist with preparations to avoid and respond to threats, and HHS has launched a new Healthcare Cybersecurity Communications Integration Center (HCCIC) to assist healthcare entities in the event of cyber-attacks. 

If you are not prepared to deal with Cybersecurity issues your organization can be brought to its knees.  More than one healthcare entity has had to scrap its entire IT infrastructure to recover from an attack, at a cost of millions of dollars, and entities that are not sufficiently prepared to deal with Cybersecurity issues may receive penalties from the US Department of Health and Human Services if a breach results.

Now is the time to be sure your Cybersecurity stance is strong and resilient and follows recommendations by HHS and NIST.

In this session, we will examine how following the requirements of the HIPAA Security Rule and specifically taking into consideration cyber-threats can help a healthcare entity prepare itself to defend against cyber-attacks and the significant impacts to privacy, security, and patient care and safety that can result.  We will learn about the latest guidance and tools for assisting in preparation and response to cyber-attacks, and what to do if the attack is successful and creates an incident that must be managed and recovered from.

Dealing with Cybersecurity begins with prevention of issues through good practices, good training, and good people who know how to do the right thing.  It is important to take reasonable precautions that follow good network practices for preventing and isolating malicious activity, including anti-malware, complex firewalling and network segmentation, and monitoring.  Staff and all users must be trained to not be the attack vector when a malicious actor sends a message that includes a link or attachment that can launch a devastating attack on your services and practices.

Overall, following the practices established in the HIPAA Security Rule can help prevent Cybersecurity incidents through appropriate consideration of current issues, including Cybersecurity, in Risk Analysis and Risk Mitigation planning.

When an incident does occur, it is important to have a prepared plan for how to evaluate and respond to incidents so that any damage is minimized and the appropriate notification of breaches takes place.  And, finally, any incident is an opportunity to learn how to do better the next time through better avoidance and better response to Cybersecurity incidents

Learning Objectives

At the conclusion of the session, participants will be able to:

1. Understand how to use Risk Analysis and the Information Security Management Process to address Cybersecurity issues.

2. Know how to prepare for Cybersecurity events that threaten the privacy and security of PHI.

3. Understand the importance of good user training to prevent and detect Cybersecurity events.

4. Know more about the steps that can be taken to help prevent Cybersecurity attacks and minimize any damage from them

Areas Covered

•     How the HIPAA Security Rule addresses Cybersecurity, and how to use the rule to prevent cyber-attacks
•     How Cybersecurity is different from other kinds of security issues and why it deserves special attention
•     The NIST Cybersecurity Framework and how to use it to prepare for and respond to Cybersecurity events
•     New initiatives by HHS to provide resources and information to assist during a wave of cyber-attacks
•     The importance of regular, repeated training to help prevent the initiation of an attack on your systems
•     How to respond to and follow up on an attack that may result in a breach of information

Who will Benefit

Attendees should include Compliance Officers, Privacy and Security Officers, and leadership and staff in health information management, information security, and patient relations, as well as staff in patient intake and front-line patient relations and any others that are involved in, interested in, or responsible for, patient communications, information management, and privacy and security of Protected Health Information under HIPAA, including:
•    Compliance director
•    CEO
•    CFO
•    Privacy Officer
•    Security Officer
•    Information Systems Manager
•    HIPAA Officer
•    Chief Information Officer
•    Health Information Manager
•    Healthcare Counsel/lawyer
•    Office Manager
•    Contracts Manager

Industries who can attend

This 90-minute online course is intended for professionals in the Healthcare  Industry.

Speaker Profile

Jim Sheldon-Dean

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. 

Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C. 

Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Back to Top