Congress has proposed 10 best cybersecurity practices, developed by HHS, that can dramatically reduce the OCR’s financial and operational impact.
Join this session and learn CMS’s “Top 5 Threats” and “10 Best Practices” targeted to mitigate specific cybersecurity threats for your facility. Easy to understand terminology, participants are provided the Best Practice guidelines, which include templates and toolkits. This HHS publication is now referenced in proposed Congressional Legislation as a means by which organizations can substantially mitigate the penalties of a breach.
In the aftermath of 2017’s “Wannacry”, an Executive Order directed HHS to conduct a healthcare cybersecurity threat assessment. In response to the assessment findings, under Congressional Mandate, HHS lead a comprehensive task group spotlighting healthcare’s 5 most common cybersecurity threats and defined 10 Best Practices to mitigate these threats. Stratified for small, medium and large organizations, it is imperative HIM professionals understand the impact of these threats being exploited, focus their cybersecurity vocabulary and understand CMS’s guidance.
Information Governance can control, secure and leverage the asset of information while simultaneously improving patient care/safety and fulfilling the mission of the business. Relentless cybersecurity attacks, financially devastating privacy breaches and increasingly complex regulations dictate a new paradigm of interdependence and information workflow. AHIMA membership is uniquely positioned to lead an inter-departmental realignment.
2018 Ponemon Cybersecurity Report details “Healthcare executives increasing their cybersecurity knowledge have a 52% increased probability of promotion to senior executive leadership.” This HHS publication covered in this presentation is a must read for healthcare leadership.
The Cybersecurity Act of 2015 (CSA) (Public Law 114-113) establishes a trusted platform and tighter partnership between the United States (U.S.) government and the private sector, recognizing that our critical infrastructure, economic solvency, and personal safety has become intertwined with our digital technologies.
Section 405 (d) of Cybersecurity Act of 2015 (CSA) calls for “Aligning Health Care Industry Security Approaches.” It is with this imperative that industry and government came together under the auspice of the 405(d) Task Group, starting in May 2017. Our Task Group focused on building a set of voluntary, consensus-based principles and best practices to ensure cybersecurity in the Health Sector.
Our group is comprised of HHS, DHS, FDA, NIST, Healthcare Industry Cybersecurity Task Force, healthcare providers, medical device manufacturers, private corporations and cybersecurity experts. All efforts are coordinated by the Health and Public Health Sector Coordinating Council’s Joint Cybersecurity Workgroup (HPH-SCC-JCSW).
This group, under the direction of HHS, has assessed our healthcare industry’s most impactful cybersecurity threat vectors, our areas of vulnerability, prioritized impact and created a shortlist of the mitigation strategies for a broad range of organizations within the industry. This document is currently in draft format and cannot be released to the general public. It is scheduled for release in January 2019.
This presentation will review the targeted voluntary recommendations produced by our Joint Cybersecurity Workgroup. Introduce Framework terms to start educating the health sector professionals on important and generally accepted cybersecurity terms. The attendees will leave with an understanding of our industry’s primary cybersecurity risks and the ability to tailor those recommended best practice mitigation strategies to their own unique organization.
Join our session and gain insight into healthcare’s “Top 5 Cybersecurity Threats” and “10 Best Practices”, created by the HHS led Health and Public Health Sector 405(d) Task Group.
This Congressionally mandated 405(d) Task Group has focused on building these voluntary, consensus-based principles and best practices to ensure cybersecurity in the Health Sector. The Group is comprised of HHS, DHS, FDA, NIST, Healthcare Industry Cybersecurity Task Force, and over 150 healthcare providers, medical device manufacturers, private corporations and cybersecurity experts.
In easy to understand terms, learn the 5 cybersecurity threat vectors that are most impactful. Understand the 10 Best Practices, supported by HHS/OCR, for suggested mitigation strategies across small, medium and large organizations.
Ensure your organization focuses on the highest risk threats with appropriate control techniques, policies and procedures. Templates and toolkits will help integrate this knowledge into an Information Governance plan that can establish targeted policies and coordinate departmental workflow, cybersecurity education and compliance.
January 30, 2020
CEU: 1.0 – Information Protection: Access, Disclosure, Archival, Privacy and Security
Ty Greenhalgh, HCISPP, Cyber Tygr CEO
Ty Greenhalgh has been dedicated to the healthcare information technology and information management industry for over 30 years. He is an ISC2-certified healthcare information security and privacy practitioner (HCISPP) and cybersecurity officer. His experience has leveraged advanced disruptive technology solutions to assist healthcare organizations in overcoming seemingly insurmountable challenges. Mr. Greenhalgh is an active member in several groups and associations, such as Healthcare and Public Health Sector Coordinating Council’s Joint Cybersecurity Workgroup, the National Initiative for Cybersecurity Education (NICE) Workforce Development Workgroup, and the North Carolina Health Information and Communications Alliance (NCHICA) Biomedical Taskforce. While employed with 3M Health Information Systems for over 25 years, he worked in a variety of capacities supporting the advancement of disruptive health information management technologies, achieved landmark results, the highest performance evaluation reviews possible and numerous awards. An early pioneer of the electronic medical record (EMR), the Henry Ford Health System awarded the “Most Innovative Technology of the Year” to Mr. Greenhalgh, in conjunction with the AHIMA, for groundbreaking work in developing one of the first EMR systems to contain automated HIM workflow and electronic signature.