This risks of a data breach have increased dramatically for all organizations, including healthcare. However, even with the increase in data breaches, healthcare is still lax when it comes to information risk management. In the past, healthcare was blissfully unaware that cyber criminals were interested in their data. With the recent headlines (ie. Community Health Systems, Anthem), healthcare is no longer safe. The only way to safeguard the sensitive information within your organization (PHI, PII, credit card data) is to have a robust information risk management program.
In this 75-minute live session, attendees will:
- Understand ‘best practices’ in information risk management.
- How to begin to use an Information Risk Management Capability Advancement Model.
- Begin the process of establishing, operationalizing and maturing an information risk management program.
This webinar is designed to help covered entities (CEs) and business associates (BAs) understand and act on the importance of maturing an information risk management program.
Date & Time
October 26, 2017
11 am – 12.15 pm CDT
Although the healthcare industry has been managing risks, it has typically been focused on clinical healthcare risks. But just as clinical errors can lead to increased risk and patient harm, a cyber-intrusion, or any impermissible use or disclosure of PHI, can also lead to patient harm. Because the risk focus has been historically clinical, most organizations do not understand information risk, and therefore information risk management.
To reduce the likelihood and impact of the compromise of any sensitive information, organizations must implement a balanced information risk management program that invests in and implements reasonable and appropriate policies, procedures, people programs (such as background checks, training and disciplinary actions for non-compliance) and safeguards or controls. Yet, organizations have failed to implement the necessary programs.
In this webinar, we introduce the idea of an information risk management Capability Advancement Model and how it can be used as an assessment, decision making and action-planning tool. The use of a maturity model allows an organization to have its methods and processes assessed according to management best practices, against a clear set of external benchmarks. Maturity is measured by the designation of a particular “Maturity Level”.
If you are a CE or BA that creates, receives, maintains or transmits ePHI, or any sensitive information for which you cannot afford loss or harm, you will benefit from attending this session.
- What constitutes the most key risk management practices.
- How to begin to use an information risk management Capability Advancement Model.
- Practical, tangible, actionable next steps for their organizations.
- A self-assessment tool that may be used to start the process of implementing the balanced information risk management program for one’s organization.
- All registrants will receive a copy of all slide materials.