Health Care Cybersecurity: Issues and Strategies Regarding the Protection of Health Care Information, Prevention and Remediation of Data Breaches and Defense of Administrative and Legal Actions

Magnolia Hotel

Ballroom — Third Floor
1100 Texas Avenue
Houston, Texas 77002


Legal, Economic, and Enforcement Issues Regarding Health Data Protection and Breach Remediation

Stuart M. Gerson
Member of the Firm, Epstein Becker Green; former Assistant and Acting United States Attorney General; and Leading Advisor and Litigator Regarding Health Care Cybersecurity Issues.

Alaap B. Shah
Associate, Epstein Becker Green, and Counselor on Compliance and Certification Issues in Health Care Data Privacy and Security.

Adapting the Cybersecurity Framework to the Health Care Sector Using the HIPAA Security Rules as a Benchmark

David Holtzman
Vice President, Privacy and Security Compliance Services, CynergisTek, Inc., former Department of Health and Human Services, Office for Civil Rights, Senior Advisor for Health Information Technology and the HIPAA Security Rule.

Assurance That a Common Security Infrastructure Cost-Effectively Satisfy Federal and State Law

Bryan Cline
Chief Information Security Officer for HITRUST Alliance and Expert in the Certification Process for Compliance with Federal Law, Including HIPAA, and State Law, Including that of Texas.

Mark S. Armstrong
Epstein Becker Green
Houston, Texas

Cybersecurity is a front-page national issue with revelations of breaches at the National Security Agency and at nationwide retail chains inciting widespread interest, concern, and, not incidentally, costly remediation programs and even more costly litigation. In particular, the security of personal health information ("PHI") and other personally-identifiable information ("PII") is the subject of public concern that has been manifest in expanding federal and state regulatory regimes that have created considerable compliance challenges for HIPAA- and state-law-covered entities and their business associates. Responses to data breaches and unauthorized disclosures, and related enforcement and private litigation, add both complexity and great expense to the equation.

Health care reform brought many new and amended rules governing health care data security and providing for crippling penalties for noncompliance, even to the point of exposure to civil and criminal liability under Federal and State anti-fraud laws and of exclusion from participation in governmentally-funded health care programs. Thus, it is imperative for health care providers and their business associates to understand the need for effective compliance, including privacy and security audits, legal and regulatory obligations, breach response and remediation, and litigation defense.

This seminar will address these and related issues, including:

  • The breadth and scope of the health care cybersecurity threat
  • Enhanced tools for audit and compliance
  • Security of mobile devices, data systems, and medical devices
  • Insider threats: the chief vulnerability
  • President Obama's executive order on cybersecurity and its impact on the health care sector
  • Federal and state enforcement and the conduct of governmental privacy and security audits
  • Avoidance and defense of administrative actions and private class-action litigation

You should attend this program if you are an administrator, chief executive officer, chief financial officer, compliance officer, privacy professional, security professional, information technology professional, or in-house attorney of any covered entity, including an academic medical center, ambulance provider, clinical laboratory, DMEPOS supplier, health plan, home health agency, hospice, hospital, long-term care facility, MA Plan, Part D Plan, pharmacy, physician group, skilled nursing facility, or other health care provider.

Registration Fee: $30.00 (Includes valet parking).

Health care organizations that register multiple attendees have a maximum registration fee of $90.00.

Please RSVP no later than February 18, 2014.

To register, please click here.

For additional information, please email Amanda Wilson Naumann
at [email protected] or call 713/300-3200.

Continuing Education Credits
CPIHIMS/CAHIMS: This program has been submitted for review and approval of 3.0 hours of continuing education (CE) hours for use in fulfilling the continuing education requirements of the Certified Professional in Healthcare Information and Management Systems (CPHIMS) and the Certified Associate in Healthcare Information and Management Systems (CAHIMS).

CCB: This program is pending approval for 3.0 Compliance Certification Board (CCB) Continuing Education Units. Granting of prior approval in no way constitutes endorsement of the program content or the program sponsor.

CLE: Epstein Becker Green has been approved by the State Bar of Texas for 3.0 CLE credits. Please note that to receive full credit for attending, registrants must be present for the entire session. Epstein Becker Green provides assistance to those with financial hardship who wish to attend; please submit requests for assistance with an explanation to Amanda Naumann. The briefings are accessible to persons with disabilities; please notify Amanda Naumann if accommodations are needed.