The accreditors of this session require that you periodically check in to verify that you are still attentive.
Please click the button below to indicate that you are.
In 2015, the United States Congress passed the Cybersecurity Act (CSA), and within this legislation is Section 405(d): Aligning Health Care Industry Security Approaches. As an approach to this requirement, in 2017 HHS convened the 405(d) Task Group leveraging the Healthcare and Public Health (HPH) Sector Critical Infrastructure Security and Resilience Public-Private Partnership. The Task Group’s charge was to develop a common set of voluntary, consensus-based, and industry-led guidelines, practices, methodologies, procedures, and processes that serve as a resource to meet three core goals: (1) Cost-effectively reduce cybersecurity risks for a range of health care organizations; (2) Support voluntary adoption and implementation; and (3) Ensure, on an ongoing basis, that content is actionable, practical, and relevant to health care stakeholders of every size and resource level.
This presentation is an opportunity to discuss the importance of cybersecurity practices and raise awareness that cybersecurity should be treated as an enterprise issue, not just an IT issue. This session will provide information on how organizations can leverage Health Industry Cybersecurity Practices (HICP) to apply mitigating practices to the five main cybersecurity threats.
Speaker(s):
Julie
Chua,
Branch Chief, Risk Management HHS OIS,
United States Health and Human Services
Erik
Decker,
Chief Information Security and Privacy Officer,
The University of Chicago Medicine
Nicholas
Heesters,
JD,
Health Information Privacy and Security Specialist, OCR,
United States HHS, Office of Civil Rights
Lacy A.
Knight,
MD, MS,
Chief Medical Information Executive, North Region,
Northwestern Medicine