All events are in Eastern Time (ET) unless otherwise noted in the event description.

  • Event Information

    A comprehensive overview of the Association for Executives in Healthcare Information Security (AEHIS) for new members and existing members alike. Membership Director Zach Donisch will cover AEHIS' mission and direction, the "who's who" of the AEHIS team, and the major membership benefits and ways to access them.

  • Event Information

    Medical device security continues to be an area of confusion and extreme concern for healthcare organizations. It is estimated that the average vulnerability rate per medical device is 6.2 and that as many as 60% of medical devices in a single hospital are running end-of-life operating systems.

    Learning Objectives

    1. Gain insight into the key findings related to medical device security and the associated strategic recommendations.

    2. Develop a tactical and strategic foundation for medical device security.

    3. Understand the 5 Key Critical Safeguards for Medical Device Security.

  • Event Information

    The European Union (EU) has enacted global sweeping security regulations in the form of the Global Data Protection Act (GDPR), which becomes effective in May 2018. Healthcare entities in the U.S. are scrambling to answer some key questions about how GDPR may or may not impact their own information security and privacy compliance posture.

    Join us for this informative session which will address pressing questions facing healthcare organizations as they size up the new GDPR requirements. Specifically, we will speak to the following considerations:

    · What is the scope of GDPR and how does it apply to U.S.-based healthcare entities?

    · What data types and categories of information are covered by GDPR?

    · Do compliance obligations vary depending on whether I am a provider, payer, or vendor (Business Associate) servicing the healthcare industry?

    · What are the security controls required for GDPR and how do they align with HIPAA, NIST, HITRUST, and other U.S.-based regulations and standards?

    · How is GDPR enforced and what are the potential penalties for noncompliance?

    · Do I need to allocate resources and FTEs to GDPR compliance?

    · What should I do next?

  • Event Information

    C-level executives must consider cyber risk as a core tenet of their responsibilities, as well as their mission to drive sustainable healthcare services. In this talk, we’ll explore attack trends and share best practices and preventative measures to help you reduce risk and avoid investigations.


    Learning Objectives:

    The importance of incorporating cybersecurity into your business strategy

    Office of Civil Rights (OCR) enforcements and key components of an OCR Corrective Action Plan (CAP)

    A real-life example of one healthcare organization’s CAP

    Trends, best practices and proactive measures to help you mitigate risk and avoid regulatory investigations