1st Talk Compliance features guest Raymond Ribble, CEO and Founder at SPHER, Inc., on the topic of “Employee Snooping & Insider Threats.” Ray joins our host Catherine Short to discuss snooping and insider threats and why user monitoring and ePHI access strategies are vital to the security of sensitive patient information and data protection. With so much attention and money surrounding cybersecurity in the healthcare industry, malicious employees may decide to purposefully disclose patient information. Since employees and contractors may have knowledge of your network setup, vulnerabilities, and access codes, snooping employees with malicious intent hold the key to exposing your organization to a series of unwanted risks and threats. Listen as we identify signs of unauthorized access, provide guidelines to prevent snooping, and offer procedures to detect insider threats.
Health Data, A Value Proposition: Legal Risks with Innovative Data Sharing Projects – Audio Version of the Webinar
Iliana L. Peters, Shareholder at Polsinelli PC will be leading this engaging audio version of her webinar presentation. These days, data is more valuable than oil. And health data is the most valuable of all data! Companies of all types should consider the legal risk with data valuation, data ownership, and data sharing agreements. Data sharing projects take many forms and address many important issues, including improvements in patient safety, fraud and abuse, population health, research, and costs to the health care system. That said, the contractual, state, federal, and international regulatory requirements applicable to such data sharing projects are significant. As such, health care entities may be particularly vulnerable to legal risk related to data sharing projects involving health data. Specifically, health care entities should consider contractual obligation, HIPAA, state privacy laws, and other requirements, as well as discuss risk assessment, data sharing agreements, key provisions, and business associate relationships. The presentation offers best practices for these important issues and projects.
1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “A Business Associate Agreement? Tell Me More!” Rachel joins our host Catherine Short to discuss how Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. This presentation not only seeks to dispel myths about why certain language is prevalent in nearly all BAAs, but also provides insight into other provisions, and items for consideration, in light of the 21st Century Cures Act.
1st Talk Compliance features guest Trey Scott, Coordinating Attorney at Kennedy, Attorneys & Counselors at Law, on the topic of “Have a Breach? Reporting Requirements with the OCR.”Trey joins our host, Catherine Short to discuss the reporting requirements for a data breach of a healthcare provider, the definition of a breach, different timelines for reporting breaches, as well as how to complete a breach reporting form from the Office of Civil Rights.
The Virtual HIPAA Privacy and Security Workshop 2022 on Nov 3, 2022 offers Multiple Learning Credits
The Virtual HIPAA Privacy and Security Workshop 2022 by First Healthcare Compliance will provide resources for professionals working to stay informed regarding the challenges of the complex and highly regulated healthcare industry. The virtual event will be held on November 3, 2022 from 12:45 pm ET until 4:15 pm ET. Registration is available to the public.
1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “How New Legislation Impacts Privacy.” The Dobbs Opinion repealed fifty years of precedent under Roe. The implications of the Opinion extend beyond women’s reproductive rights and impact the privacy rights of all Americans. The purpose of this episode is to explain the key aspects of the Dobbs Opinion related to privacy from both the Majority and the Dissent’s perspective, address the current legislative initiatives, HHS Guidance, and Executive Orders, as well as appreciate the role HIPAA plays in navigating Dobbs.
1st Talk Compliance features guest John Shegerian, Chairman and CEO of ERI, the largest cybersecurity-focused hardware destruction and electronic waste recycling company in the United States and co-author of the cybersecurity book, “The Insecurity of Everything” on the topic of “The Insecurity of Everything: The Vital Importance of Hardware Data Security.” He will share some of the latest information about the very real problem of hardware hacking in the world of healthcare and beyond and how that issue became even more serious during the pandemic, with so many people working from home. He will also be explaining critical information for health-related businesses to help them keep their private data – and the data of their patients and customers – protected!
1st Talk Compliance features guest William J McBorrough, co-Founder and Chief Security Advisor at MCGlobalTech, a D.C.-based Information Security Consulting Firm on the topic of “Combatting Ransomware in Healthcare.” William joins our host, Catherine Short to examine how ransomware attacks have impacted thousands of organizations worldwide with the healthcare sector having been the most targeted. Join us in a discussion of the state of ransomware in the healthcare sector and best practices to prepare your organization from the inevitable attacks.
The healthcare industry and hospitals are increasingly at risk for ransomware and other types of cyberattacks. Several recent examples illustrate the risks and repercussions that result from a combination of inadequate resources and a lack of clear and effective cybersecurity guidelines.