Security Zone

FTC and Poaching of PHI

The Increasing Role of the FTC in the Poaching of PHI – A Discussion of Better Help, GoodRx & Flo: Audio Version of the Webinar

Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX will be presenting this informative webinar. Cybersecurity risk management and the potential for enforcement actions is not diminishing. An area of increasing interest by the Federal Trade Commission, the United States Department of Justice, and Congress is third parties taking sensitive data (especially by social media and search engine giants), including protected health information, without obtaining affirmative patient/consumer consent and benefiting financially. The U. S. Department of Health and Human Services, the agency tasked with enforcing HIPAA, also plays a critical role. The purpose of this presentation is to address different federal government initiatives, recent enforcement actions and incidents, and risk mitigation.

A Harassment-Free Workplace vs the Right to Engage in Concerted Activity

1st Talk Compliance features guest Lauren Moak Russell, Counsel at Young Conaway Stargatt & Taylor, LLP in Wilmington, Delaware, on the topic of “A Harassment-Free Workplace vs the Right to Engage in Concerted Activity.” Lauren joins our host Catherine Short to discuss how the National Labor Relations Board under the Biden Administration has expressed a renewed interest in expanding its influence into non-unionized work forces. This includes reviewing and–in the right circumstances challenging–employers’ use of workplace civility, confidentiality, and anti-harassment policies. Listen as we discuss what you need to know to safely navigate the National Labor Relations Act while ensuring that your employees enjoy a safe and respectful work environment.

HIPAA Cybersecurity Criminal Webinar

The Criminal Side of Cybersecurity and HIPAA – Audio Version of the Webinar

Expert presenter, Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX guides us during this important and informative webinar. Breaches and the lack of the requisite technical, administrative, and physical safeguards can have criminal consequences. While most people are familiar with civil cases, there is the potential for HIPAA violations and ransomware attacks to be prosecuted criminally. The purpose of this webinar is to highlight potential areas of criminal liability, give specific examples, and address mitigation techniques – both before and after a government discovery request or grand jury subpoena emerges.

Employee Snooping & Insider Threats

1st Talk Compliance features guest Raymond Ribble, CEO and Founder at SPHER, Inc., on the topic of “Employee Snooping & Insider Threats.” Ray joins our host Catherine Short to discuss snooping and insider threats and why user monitoring and ePHI access strategies are vital to the security of sensitive patient information and data protection. With so much attention and money surrounding cybersecurity in the healthcare industry, malicious employees may decide to purposefully disclose patient information. Since employees and contractors may have knowledge of your network setup, vulnerabilities, and access codes, snooping employees with malicious intent hold the key to exposing your organization to a series of unwanted risks and threats. Listen as we identify signs of unauthorized access, provide guidelines to prevent snooping, and offer procedures to detect insider threats.

Health Data

Health Data, A Value Proposition: Legal Risks with Innovative Data Sharing Projects – Audio Version of the Webinar

Iliana L. Peters, Shareholder at Polsinelli PC will be leading this engaging audio version of her webinar presentation. These days, data is more valuable than oil. And health data is the most valuable of all data! Companies of all types should consider the legal risk with data valuation, data ownership, and data sharing agreements. Data sharing projects take many forms and address many important issues, including improvements in patient safety, fraud and abuse, population health, research, and costs to the health care system. That said, the contractual, state, federal, and international regulatory requirements applicable to such data sharing projects are significant. As such, health care entities may be particularly vulnerable to legal risk related to data sharing projects involving health data. Specifically, health care entities should consider contractual obligation, HIPAA, state privacy laws, and other requirements, as well as discuss risk assessment, data sharing agreements, key provisions, and business associate relationships. The presentation offers best practices for these important issues and projects.

ADC Webinar

Automatic Dispensing Cabinets, Patient Care, and Nurse RaDonda Vaught: Audio Version of the Webinar

Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX presents this very timely and fascinating subject for us. A former nurse was charged, criminally prosecuted, and in March 2022, convicted of gross neglect of an impaired adult and negligent homicide for a 2017 fatal drug error. The purpose is to inform participants of a myriad of items so that facilities can evaluate and implement appropriate safeguards, train nurses and other staff, and take corrective actions before an adverse patient outcome occurs. What happened here is preventable and nurses should not flee the profession, especially because of the compassion shown by the judge.

Dobbs Opinion

The Dobbs Opinion, the Repealing of Roe, & the Impact on the Privacy & Security of Patient Information – Audio Version of the Webinar

Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX presents this very timely subject for us.The Dobbs Opinion repealed fifty years of precedent under Roe. The implications of the Opinion extend beyond women’s reproductive rights and impact the privacy rights of all Americans. The purpose of this webinar is to explain the key aspects of the Dobbs Opinion related to privacy from both the Majority and the Dissent’s perspective, address the current legislative initiatives, HHS Guidance, and Executive Orders, as well as appreciate the role HIPAA plays in navigating Dobbs.

The Insecurity of Everything: The Vital Importance of Hardware Data Security

1st Talk Compliance features guest John Shegerian, Chairman and CEO of ERI, the largest cybersecurity-focused hardware destruction and electronic waste recycling company in the United States and co-author of the cybersecurity book, “The Insecurity of Everything” on the topic of “The Insecurity of Everything: The Vital Importance of Hardware Data Security.” He will share some of the latest information about the very real problem of hardware hacking in the world of healthcare and beyond and how that issue became even more serious during the pandemic, with so many people working from home. He will also be explaining critical information for health-related businesses to help them keep their private data – and the data of their patients and customers – protected! 

Combatting Ransomware in Healthcare

1st Talk Compliance features guest William J McBorrough, co-Founder and Chief Security Advisor at MCGlobalTech, a D.C.-based Information Security Consulting Firm on the topic of “Combatting Ransomware in Healthcare.” William joins our host, Catherine Short to examine how ransomware attacks have impacted thousands of organizations worldwide with the healthcare sector having been the most targeted. Join us in a discussion of the state of ransomware in the healthcare sector and best practices to prepare your organization from the inevitable attacks.

How to Handle Document Retention & Destruction

1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “HIPAA and Beyond: Documentation Retention & Legal Holds.” This episode addresses laws that are relevant to healthcare industry participants, as well as compliance suggestions, and steps to take when either a legal hold or a preservation request arrives.