PURPOSE:
“The HHS Office for Civil Rights (OCR) enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information; the HIPAA Security Rule, which sets national standards for the security of electronic protected health information; the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety; and, the Breach Notification regulations requiring HIPAA covered entities and their business associates to notify individuals when their health information is breached.
“NIST’s (National Institute of Standards and Technology) mission, as a non-regulatory federal agency within the U.S. Department of Commerce, is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
“This conference will provide a forum to discuss the current HIT security landscape, as well as practical strategies, tips, and techniques for implementing the requirements of the HIPAA Security Rule.”
AGENDA:
Click this link to view the final agenda with presentation summaries (updated May 7).
Presentations - 2010 HIPAA
Links below all open pdf versions of presentations.
Tuesday, May 11 (Day 1):
Welcoming Remarks from OCR
Susan McAndrew – Deputy Director for Privacy, HHS Office for Civil Rights
Welcoming Remarks from NIST
William Barker – Chief Cybersecurity Advisor, NIST Information Technology Laboratory
Tips and Techniques for Conducting Risk Assessments
Pat Toth – NIST
Marissa Gordon-Nguyen – HHS/OCR
Keynote Address
Georgina Verdugo—Director, HHS Office for Civil Rights
Howard Schmidt – White House Cybersecurity Coordinator
Standards and Certification Interim Final Rule
Steve Posnack – HHS/ONC
Lisa Carnahan – NIST
Panel: Breach Notification
Christina Heide – Health Information Privacy Division, HHS/OCR
Cora Tung Han – Division of Privacy and Identity Protection, Federal Trade Commission (FTC)
Security of Health Devices
Elliot Sloane – Drexel University
Security Considerations for New Media and Healthcare
Sharon Finney – Corporate Data Security Officer, Adventist Health System
Update on OCR Enforcement of the Privacy and Security Rules
Marilou King – Civil Rights Division, HHS Office of General Counsel
David Holtzman – Health Information Privacy Division, HHS/OCR
Wednesday, May 12 (Day 2):
FTC Information Security
Alain Sheer – Attorney, Division of Privacy and Identity Protection, FTC
Strategies for Developing and Implementing Contingency Plans
David Holtzman – Health Information Privacy Division, HHS/OCR
Marianne Swanson – NIST
Logging and Auditing in a Healthcare Environment
Mac McMillan – Cynergistek, Inc
Panel: HIPAA Security Compliance: An Industry Perspective
Panel Slides
Sue Miller – WEDI
Lisa Gallagher – HIMSS
Robert Tennant – MGMA
Dan Rode – AHIMA
HIE Security Architecture
John Kelly – Director, eBusiness Architecture, Harvard Pilgrim Healthcare
Security Implementation Considerations for Mobile and Wireless Technologies
Matt Sexton – Booz Allen
Encryption Standards
Matt Scholl – Group Manager, Security Management and Assurance, Computer Security Division, NIST
