The team at security vendor Coalfire has a serious message: Healthcare providers should not feel too comfortable with many of today's security measures.
Awareness, preparation and renewed risk assessment are essential when it comes to protecting electronic personal health information, company officials say.
Adopting the theme “Compliance is NOT equal to security,” Coalfire will be in the Cybersecurity Command Center at HIMSS15 and at its own booth, 3204, in Hall A. In both places the company plans to demonstrate HIPAAcentral, its risk management service to help Covered Entities and Business Associates monitor the risk and compliance of their downstream vendors.
“We saw how compliance alone did not keep ePHI secure at Anthem, so what do you need to reduce the probability of a breach?” asks Andrew Hicks, healthcare practice lead at Coalfire.
That’s not necessarily an easy question to answer. Indeed, the dangers to security and some effective strategies providers can use to deflect threats will be the topic of a discussion on Monday, April 13.
Coalfire will host the presentation, “How to Minimize Risk and Maximize ePHI Protection,” within the Cybersecurity Command Center. It will feature chief information security officers from a cloud services provider and a large health system, along with risk management advisors on the vendor side.
“There is a need to discuss more than HIPAA compliance, because that’s not enough to secure ePHI,” Hicks said. “We’ll offer advice on a holistic risk management program that can help providers build a multilayered approach to securing sensitive data.”