1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “A Business Associate Agreement? Tell Me More!” Rachel joins our host Catherine Short to discuss how Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. This presentation not only seeks to dispel myths about why certain language is prevalent in nearly all BAAs, but also provides insight into other provisions, and items for consideration, in light of the 21st Century Cures Act.
1st Talk Compliance features guest Trey Scott, Coordinating Attorney at Kennedy, Attorneys & Counselors at Law, on the topic of “Have a Breach? Reporting Requirements with the OCR.”Trey joins our host, Catherine Short to discuss the reporting requirements for a data breach of a healthcare provider, the definition of a breach, different timelines for reporting breaches, as well as how to complete a breach reporting form from the Office of Civil Rights.
1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “HIPAA and Beyond: Documentation Retention & Legal Holds.” This episode addresses laws that are relevant to healthcare industry participants, as well as compliance suggestions, and steps to take when either a legal hold or a preservation request arrives.
Raymond Ribble is the CEO and Founder at SPHER, Inc. a market-leading compliance analytics, cyber-security solution addressing: HIPAA compliance, State Privacy Laws, and ePHI security threats and our presenter for this webinar. Snooping and Insider threats are exactly why user monitoring and ePHI access strategies are vital to the security of sensitive patient information and data protection. While it is an unsettling thought, not all cybersecurity incidents are traced from employee negligence. With so much attention and money surrounding cybersecurity in the healthcare industry, malicious employees may decide to purposefully disclose patient information. Since employees and contractors may have knowledge of your network setup, vulnerabilities, and access codes, snooping employees with malicious intent hold the key to exposing your organization to a series of unwanted risks and threats.
First Healthcare Compliance hosts C. Trey Scott, Coordinating Attorney at Kennedy, Attorneys & Counselors at Law, for an interactive discussion on “Under Pressure: Reporting Requirements with OCR for Breaches.” Attendees will learn the reporting requirements for a data breach of a healthcare provider.
John Shegerian, Co-Founder and Chairman/CEO of ERI and co-author of the cybersecurity book, “the Insecurity of Everything” will be presenting a talk about cybersecurity titled “The Insecurity of Everything: How Hardware Data Security is Becoming the Most Important Topic in the World” and will share some of the latest information about the very real problem of hardware hacking in the world of healthcare and beyond and how that issue became even more serious during the pandemic, with so many people working from home. He will also be explaining critical information for health-related businesses to help them keep their private data – and the data of their patients and customers – protected!
Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX and Bruce Lynskey, Co-Founder, Director, and Chief Executive Officer at ePrevenir will be presenting with us. Negotiating occurs in every facet of business and law. From contractual negotiations through settlement negotiations, it is a delicate dance. There are a variety of classic negotiation techniques, which include extreme posturing and “anchoring”. Healthcare and cybersecurity present unique challenges because of the looming exposure to a government investigation and either a civil and/or criminal action, even if a settlement is reached between two private parties. The purpose of this presentation is to provide approaches when negotiating contracts, settlements, and other items, which arise in healthcare and the cybersecurity industries.
Stop the Insanity! Why Healthcare Organizations Need to Take a New Approach to Cybersecurity & Data Privacy Training
Rebecca L. Rakoski, managing partner at XPAN Law Partners and Sajed Naseem, Chief Information Security Officer (CISO) from NJ Courts are presenting this engaging webinar. Employees are one of an organization’s greatest strengths, but also its greatest weaknesses. For years cybersecurity and data privacy advocates have been arguing that training employees is the only way to safeguard the organization. This is especially true in the healthcare arena where HIPAA training is required. However, these same healthcare organizations engage in training for their employees only to stare down the barrel of a data breach caused by one of those trained employees.The question becomes, why do we continue to repeat the same exercise expecting a different outcome?
Raymond Ribble, founder of SPHER, Inc. a leading SaaS-based compliance analytics solution addressing PHI protection and cybersecurity in healthcare, leads this informative webinar. This presentation takes the audience through a series of scenarios and lessons learned that can assist in securing the employee “endpoint” either in the office or at a Home Office. The presentation highlights key security measures a person can deploy to create a better security environment in order to protect their personal and professional documents from unauthorized access.