4a healthcare data security & privacy symposium 2015 banner · 4a security & compliance...
TRANSCRIPT
Register with [email protected] / 484.324.2755 x212
Program Leaders
Conference Mission
Banner
“Health and medical regulators are promising audits and tougher enforcement while law enforcement warns that health data is under attack. Meanwhile, there is no shortage of ‘solutions’ promising to protect data and prevent breaches, but not enough resources or even time in the day to review all the options. Of course, cyber security is not just an IT problem. It is a risk management problem that requires an interdisciplinary team approach. And that’s what inspired the mission for this event.” –Ben Goodman, 4A Security & Compliance
Ben Goodman
Lisa Clark
4A Healthcare Data Security & Privacy Symposium 2015
Developed in collaboration with
V11
Chairs & Speakers
Ben Goodman CEO 4A Security & Compliance
Pamela E. Clarke Dir. Member Services & Policy HealthShare Exchange of Southeastern Pennsylvania
Lisa W. Clark Partner, Head of Firm’s mHealth Interdisciplinary Group Duane Morris LLP
Patricia Q. Connolly Executive Director Center for Corporate Governance Drexel University LeBow College of
Dr. Tama Copeman Founder & CEO Alcyone*7
Alcyone*7
Register with [email protected] / 484.324.2755 x212
Noelle P. Conners Hospital Compliance Officer St. Christopher’s Hospital for Children
Samantha Billy Senior Professional Risk Broker Aon Risk Solutions
Barbara Holland Regional Manager Office for Civil Rights U.S. Department of Health & Human Services
John M. Neclerio Partner Duane Morris LLP
Winston Krone Managing Director KIVU Consulting Inc.
Jay Orler Vice President Infrastructure & Security Lightbeam Health Solutions
Dave Snyder Chief Information Security Leader, Director of Information Security & Risk Management Offices Independence Blue Cross
Colin Morgan Global Information Security Manager & Information Security Officer Johnson & Johnson
Speakers
Ben Stone Supervisory Special Agent Federal Bureau of Investigation
Adrian Talapan Co-Founder and CEO Haystack Informatics A CHOP & DreamIt Ventures Company
Jaime L. Sheller Product Manager for the Breach Coach® Cyber Portal & Privacy Ethics Consultant NetDiligence®
Steve Alderfer Director, IT Security Audit 4A Security
J. Mark Eggleston Vice President, CISO & Privacy Officer Health Partners Plans
Josh Ladeau Practice Lead – Privacy & Network Security Allied World Assurance Co.
Nikhil Thakur Regulatory Policy Advisor Food & Drug Administration
Agenda
Register with [email protected] / 484.324.2755 x212
09:00
Time Topic Speakers
Big Data & Population Health: Security & Privacy Challenges & Solutions Big data and population health are critical to the success of the “Federal Health IT Strategic Plan 2015-2020,” and yet, there are major security and privacy challenges that are only beginning to be addressed. This panel will consider how big data is being used and some of the key security and privacy implications for population health as well as some of the solutions that address them. than their value?
10:00
Barbara Holland Office of Civil Rights
U.S. Department of Health & Human Services
12:00
11:00 Break
07:30 Registration & Breakfast
Opening Remarks Ben Goodman 4A Security & Compliance
08:45
11:15
Lisa Clark, moderator Duane Morris
Dave Snyder Independence Blue Cross
Jay Orler
Lightbeam Health Solutions
Pamela Clarke HealthShare Exchange of
Southeastern Pennsylvania
HHS Office of National Coordinator for Health Information - Pending confirmation
Law Enforcement Update: Cybercrime & Healthcare Ten months before Anthem disclosed it was breached, the FBI warned the healthcare industry that they were under heightened risk of being the target of cyber attacks. This update from law enforcement will cover the most important past and current cybercrime activity from the law enforcement perspective.
Ben Stone Federal Bureau of Investigation
Health & Human Services: Office of Civil Rights Update HHS OCR has seen significant change and a great deal of activity since the HIPAA Omnibus Final Rule came into effect. This year, pre-audit screening surveys were sent out to 350 covered entities and 50 business associates as part of Phase 2 of the HIPAA Audit Program. This session will provide an update on recent activity and what’s on the horizon, and will explain impacts to Covered Entities, Business Associates and other stakeholders. n their value?
Lunch
Register with [email protected] / 484.324.2755 x212
01:00
Time Topic Speakers
02:00
03:00 Break
Agenda
03:15
Mobile Health, Apps & HIT Innovation: Security & Privacy by Design With $7B invested in healthcare IT ventures last year, innovation in mobile health, healthcare apps & healthcare IT is burgeoning. Too often data security and privacy is an afterthought, as the FDA’s Safety Communication concerning cybersecurity vulnerabilities in the Symbiq Infusion System illustrates. Speakers will discuss how they are innovating & protecting data at the same time. These are models for innovation & product development that every investor should insist upon.
Winston Krone Kivu Consulting
Dr. Tama Copeman
Alcyone*7
Adrian Talapan Haystack Informatics
Nikhil Thakur
Food & Drug Administration
Ben Goodman, moderator 4A Security
Noelle Conners St. Christopher’s Hospital for Children
Mark Eggleston Health Partners Plans
Colin Morgan Johnson & Johnson
Steve Alderfer 4A Security
Security & Privacy Controls: Implementation in the Real World On paper, security plans can be compelling, but the reality of constrained resources and the “human factor” makes implementing and maintaining the required controls a challenge. This is especially true when you factor in company culture, human resource policy, training and issues of employment law. This panel discusses real world solutions that bridge the gap between security and privacy plans and how they are implemented in the real world.
CIOs & Healthcare Cyber Risk Management: Another New Cyber Liability Insurance Frontier “CIOs generally should expect to be sued in increasing numbers over cybersecurity issues,” says an attorney quoted in a recent Wall Street Journal article. How do cyber liability insurance solutions respond? Do they fill in for D&O exclusions? This panel discussion between insurance carriers, attorneys and brokers will discuss these and other important new questions healthcare organizations and their CIO’s should be asking.
Josh Ladeau Allied World Assurance Company
John Neclerio
Duane Morris LLP
Samantha Billy Aon Risk Solutions
Register with [email protected] / 484.324.2755 x212
Time Topic Speakers
Live Tabletop Exercise: Healthcare Data Security Incident Response t This final panel of the day will step through an Incident Response Tabletop Exercise, based on a healthcare data security / privacy incident scenario. The interactive exercise will engage the audience in the process and challenge the panel members as they run through the decision-making process as a security / privacy incident unfolds. Attendees will have the chance to ask questions as participants make decisions based on imperfect information and identify areas of concern for organizations dealing with protected healthcare information.
Ben Goodman, moderator 4A Security & Compliance
Lisa Clark
Duane Morris
Winston Krone Kivu Consulting
Patricia Connolly
LeBow College of Business
Jamie L. Sheller NetDiligence
Mark Eggleston
Health Partners Plans
04:00
05:01 Reception
Agenda
05:00 Adjourn
4A & HB wishes to thank the sponsors and hosts!