Written by HITRUST Independent Security Journalist Sean Martin .
There’s a lot going on in the world of Health Information Privacy and Security these days; changing compliance requirements, emerging technologies and evolving cyber threats, just to name a few.
Healthcare professionals must continue to work together, sharing information and best practices with each other as a means to stay ahead of the curve while we all strive to provide the best health products and services to our patients while adhering to their right to privacy.
HITRUST 2016 is the nation’s most extensive health information protection conference designed to bring together the top minds in from industry, government, technology, and professional services.
Some of those include:
- Daniel Nutkis, Chief Executive Officer, HITRUST
- George DeCesare, Senior Vice President and Chief Technology Risk Officer, Kaiser Permanente
- Gregory Touhill, Deputy Assistant Secretary for Cybersecurity and Communications Department of Homeland Security
- Robert Booker, Senior Vice President and Chief Information Security Officer, UnitedHealth Group
- Roy Mellinger, Vice President and Chief Information Security Officer, Anthem, Inc.
This event is highly relevant and helpful to all professionals concerned with the health industry’s ongoing efforts to protect health and other personally-identifiable information from the cyber threats targeting businesses and institutions.
With 38 breakout sessions to choose from, these are some of the topics that speakers, panelists and attendees can expect to engage in during the 4-day conference:
- HITRUST CSF / CSF for SOC2
- Ransomware
- Cyber threat sharing
- Cloud security
- De-Identification
- Risk management
- Healthcare implementations of the NIST cybersecurity framework
- Third-party assurance
- Cyber insurance
To aid in the selection of the most appropriate sessions to attend, this post serves as a potential checklist for sessions each role should consider.
For the Executives
- Cybersecurity: How to Successfully Engage Executives and the Board
- Security and Privacy Topics to Watch in 2016
- 2015 Health Industry Threat Landscape Briefing – Results Revealed
For the Information Security teams
- Cyber Security Operations – Building or Outsourcing
- Role of Security Products Vendors in Protecting the Healthcare Industry
- Beyond Data Theft: The Wide Reach of a Cyberattack
- Cybersecurity: How to Successfully Engage Executives and the Board
- Breach Detection and Cyber Forensics Can’t be an Afterthought
- Cyber Information Sharing and Analysis Organization (ISAO) 2.0 for Healthcare
- The Evolving Information Security Organization – Strategies, Challenges, and Successes
- 2015 CyberRX: Lessons Learned from Cyber Preparedness and Response Exercises
- Application Vulnerability Reporting and Threat Tracking
For the Risk/Compliance Management and Auditing teams
- 10 Things Every Healthcare Company Should Know About OCR Audits
- Leveraging the Cloud and Managing Compliance
- Risk Management using the HITRUST De-Identification Framework
- The Threat Within: Corporate Ally or Corporate Enemy
- Breach Detection and Cyber Forensics Can’t be an Afterthought
- Adaptive Threat and Risk Framework for Securing IOT in Healthcare: Building Elements
- Achieving Small Risk when Sharing Big Data
- Managing Third Party Compliance: How CSF Assurance Can Help
- Are Hybrid Clouds Really More Secure and Cost Effective?
- Leveraging the CSF to Assess HIPAA Privacy
- CSF to Support SOC 2® Reports
For the IT and Operations teams
- One Phish, Two Phish, Three!
- Let’s Quit Blaming The Victim: User-Friendly Security Awareness Strategies
- Health Technology Management – Biomedical Device Insecurity
- Healthcare and Cloud Storage: What You Can Do to Secure Your Deployment
For the Device Manufacturing professional
- Healthcare’s Losing Battle Against Hyper-connected Machines
- A Framework for Building a Successful Medical Device Program
- Adaptive Threat and Risk Framework for Securing IOT in Healthcare: Building Elements
For the Government and Regulatory Professional
- Is SecureTexas a Model for Granting Safeharbor Nationally?
- Role of Government in Cyber Awareness, Preparedness and Response
- What is on the Federal Government’s Agenda for Information Privacy & Security?
For the Legal Team
- Leveraging a CSF Assessment for Better Insurance Coverage & Premiums
For Everyone
- Lessons Learned – A Retrospective Discussion on HITRUST Certification
- Putting the Pieces Together: Leveraging Current Audits to Solve the HITRUST Puzzle
- Security and Privacy Topics to Watch in 2016
- Industry Implementation of NIST Cybersecurity Framework
- Leveraging your CSF Assessment Reporting with Customers
There’s also a special interactive session designed to immerse participants in a cyber simulation scenario-based workshop which will explore troubling cyber-attack trends and the disruptive nature these incidents have on Health Care organizations. The Cyber Simulation Workshop: Beyond the Data Breach session is being presented and moderated by John Gelinne, Director in Cyber Risk Services, Deloitte & Touche Advisory; Pete Renneker, Senior Manager, Deloitte & Touche Advisory; and John Johnson, Senior Manager, Cyber Risk Services, Deloitte & Touche Advisory.
More details regarding this cyber simulation session can be found in the Cyber Simulation Workshop page
Of course, a big part of most conferences is the ability to network with both your peers and other industry luminaries. HITRUST offers many opportunities for this, including the reception on Monday and Tuesday nights and breaks during breakfast, lunch, and in between sessions.
There are plenty of people to meet, sessions to choose from, and activities to engage in.
We look forward to seeing you there!