All healthcare entities that collect, store, use, or exchange protected health information have an obligation to their patients, by law and regulation, to protect that information. Multiple legislative and regulatory requirements exist to codify a healthcare entity's obligations and to provide the patient with recourse in the event that the protected health information is mishandled. To help organizations reach these goals, this section of the HIMSS Health IT Body of Knowledge contains information and resources on HIPAA, security risk analysis, disaster preparedness and business recovery and other relevant topics.
Privacy and Security
Larry Trotter II talked about how to build a security awareness program.
Kara Earle, Matt Werling, Daman Toth, and Paul Martin talked about the role security plays in the fight against drug diversion. Separately, Kevin McGrail spoke about bad actors and the security risks of social media.
Georgea Mancuso, Esq. discussed the intersection between emerging cyberrisks and cyber liability insurance coverage.
Richard Staynings discussed the convergence of patient safety and cybersecurity.
Jackie Evans of Mayo Clinic discussed how to enhance your organization's identity access and management program and how to train identity access and management professionals.
Axel Wirth and Vikram Thakur of Symantec discussed the current threat landscape, a 2018 update for cyber risks, recent threat intelligence, and malware trends.
Amylynn Errera explained what the InfraGard Cyber Health Working Group is, what it does, and how it may benefit health IT stakeholders.
Kevin Johnson provided insights in regard to understanding the way hackers think to protect healthcare organizations.
Michael Parisi provided insights in regard to third party assurance as part of a risk management program.
Elaine Zacharakis, Esq. and Peter Blenkinsop, Esq. provided insights on the General Data Protection Regulation and best practices for healthcare organizations, including those in the United States.
This is the written transcript of the Code Red episode 1 "You Are the Next Target", which explores what cyber security in health care looks like in a post-Meaningful Use world.