Recorded:   August 20 | 2014      Play

With the emergence of big data healthcare analytics, electronic health information exchange, clinical data warehousing, and other technologies for optimizing patient care, the healthcare industry has never been more reliant on electronic data and the strict requirements associated with the data. The advances in business processes, technology and regulations require that data security initiatives evolve to address new and growing threats. Coincidentally, in a recent survey, 69% of organizations felt that provisions of the Affordable Care Act (ACA) have the effect of increasing or significantly increasing risks to patient privacy and security.

Chasing compliance is an expensive proposition that doesn't adequately address the current security threats and vulnerabilities. Organizations that simply want to comply with the regulations are already at risk. A more effective program is risk-based -- one where incremental changes to controls can be made in real-time to more effectively combat current threats to your security program. Join us for this webinar where you'll learn:

• Why compliance is an outcome of an effective data protection program.
• Risk assessment, analysis and management – what's the difference and why you need them.
• What is considered 'reasonable'?
• What leading healthcare organizations are doing today to protect data, with a focus on securing Big Data for healthcare analytics?
• How data protection can help without getting in the way of patient care.
• How do you protect from your healthcare organization public loss of confidence?

Speakers

Mark Bower is the Vice President of Product Management & Solutions Architecture at Voltage Security. He is a noted expert in data protection solutions, and expertise spans electronic banking, payments processing, smartcard payment systems, Public Key Infrastructure (PKI) and identity management systems both for the commercial and government sectors. Mark is heavily involved in industry standards bodies including the PCI Security Standards Council SIG's covering Tokenization, Point to Point Encryption, EMV and e-commerce. He has authored several patents for e-commerce and security technology innovations in POS software management and remote control and data security based on his extensive experience in banking and payment solutions. Mark has worked on numerous security projects with Global 2000 firms in the UK, Asia, Australia, and North America including many of the Fortune 50 in the US. He holds a B. E. (Hons.) degree in Electrical Engineering from the University of Queensland, Australia and is based in California, USA.

Andrew Hicks is the Healthcare Practice Director at Coalfire with over 15 years of experience in IT GRC specific to IT security, risk management, audit, business continuity, disaster recovery, and regulatory compliance. His understanding of business processes and technology provides extensive knowledge of policy development, internal control design and testing, system development reviews, and risk mitigation. Mr. Hicks has implemented and managed IT internal control programs relative to maintaining Sarbanes-Oxley, HIPAA security, HITECH, HITRUST and PCI regulatory compliance. He has a broad understanding of IT security best practices, as well as the ISO 27000 series, NIST, COBIT, HITRUST CSF and various other ITGC frameworks. He has delivered services in a wide range of industries, including oil and gas (upstream, downstream, and exploration), healthcare (incl. emergency medical services and medical devices), insurance, retail, and financial services.