2019 CIO Virtual Cybersecurity Symposium™
This 3-session workshop is designed to help healthcare leaders think about cyber risk holistically and build a program that ensures data is effectively protected.
Protecting patient information is foundational to any healthcare organization’s IT strategy. As cybersecurity threats grow in frequency and complexity, many CIOs find themselves plugging holes in their system infrastructure to address vulnerabilities.
Join Clearwater's experienced faculty of presenters for in-depth insights, best practices and an opportunity to earn CEUs.
July 11 | Session 1
Module 1 – The Evolving Cyber Risk Landscape: True Stories from the Field
Using relevant healthcare Cyber Risk Management case studies, this module will set the foundation for the key learning objectives of the Symposium. Key topics explored include how cyber risk is evolving from Compliance Risk to Security Risk to Patient Safety Risk to Medical Professional Liability Risk and, as a result, how CIOs must lead their organizations to take a much more strategic, business-oriented and architectural approach to Cyber Risk Management.
Presenter: Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US, Executive Chairman, Clearwater LinkedIn
Module 2 – OCR Enforcement: Past, Present, and Future
This presentation will examine OCR HIPAA enforcement. Trends over time in enforcement activity and violations will be discussed. In addition, we will discuss what OCR is currently focused on and discuss the future of enforcement.
Presenter: Jon Moore, MS, JD, HCISPP, Chief Risk Officer & SVP, Professional Services, Clearwater LinkedIn
July 18 | Session 2
Module 3 – A Framework for Analyzing Cyber Risk
The healthcare industry continues to trail behind other industries in cyber preparedness, making this important part of our critical infrastructure a top target. After years of working to comply with HIPAA and spending hundreds of millions to recover from attacks and breaches, how do we get our arms around this? This module will focus on the benefits of using a framework to analyze your cyber risk, identify exposures and structure your program to improve your overall information risk management posture.
Presenter: Cathie Brown, CGEIT, PMP, CISM, CISSP, VP of Professional Services, Clearwater LinkedIn
Module 4 – The Risk Treatment Decision
HIPAA (45 CFR §§ 164.308(a)(1)(ii)(A)) mandates that a Risk Analysis be performed by every entity that creates, receives, maintains, or transmits ePHI as part of their business model. Upon conclusion of the Risk Analysis, those entities must address the substantive findings of the Risk Analysis is a manner also prescribed by HIPAA. This module will discuss that requirement.
Presenter: Blaine Hebert, MSIT, CISSP, HCISPP, Principle Consultant, Clearwater LinkedIn
July 25 | Session 3
Module 5 – Rethinking Cybersecurity Policy Governance: How to Turn Organizational Intent into Action
This presentation will offer a framework to more effectively define, organize, implement and manage organizational cybersecurity policy expectations. We will discuss the establishment of governance principles that are based on well-established and mature cybersecurity control standards and address the requirements necessary to implement a principal-based policy framework.
Co-Presenter: Wes Morris, CHPS, CIPM, HCISPP, Managing Consultant, Professional Services Clearwater LinkedIn
Co-Presenter: Adam Nunn, Principal Consultant, Clearwater LinkedIn
Module 6 – Making the Case for Cyber Risk Management Investment
The rapidly growing ecosystem of organizations supporting the healthcare industry and the increasing number of attack surfaces has made healthcare a soft target for those focused on exploiting our vulnerabilities. The challenge is the lack of funding for identifying, prioritizing and implementing necessary safeguards and controls to reduce the risks to health information. Investment in those safeguards and controls is an investment in damage control to the reputation, financials, and data of the organization. Learn tips, tools, and methodology that have proven to be successful to obtain funds for data protection.
Presenter: Baxter Lee, CFO, Clearwater LinkedIn
Attendance Certificates to apply towards CEUs will be issued to all attendees who complete the Symposium.
Attendees will be requested and expected to:
- Engage in live polls conducted in each session
- Post questions and comments for Faculty to address
- Complete an evaluation after the each session
*Attendance to each session is encouraged, but recordings will be available within 48 hours after the competition of each session for easy catch-up.