All events are in Eastern Time (ET) unless otherwise noted in the event description.

  • Event Information


    Implementation of a vendor management framework creates greater oversight early on in the vendor selection process in support of informed decision-making, determining an acceptable level risk, and reducing the likelihood of vulnerabilities being interjected into your environment.

    The key is to identify your business associates, implement a framework to assess the business relationship, define an acceptable level of risk, and develop strategies to reduce the likelihood and impact of a potential breach - before the regulators come knocking at your door.

    • Cybersecurity Information Sharing in Healthcare: Deciphering A Widely Misunderstood Policy Landscape

    • Start: 10/23/2019 02:00pm
    • End: 03:30pm
    • Event Type: AEHIS LIVE
    • Session Speaker(s):

      Speakers Errol S. Weiss, CSO, Health-ISAC (Health Information Sharing and Analysis Center) Greg Singleton, Director, Health Sector Cybersecurity Coordination Center (HC3), U.S. Department of Health & Human Services (HHS) Theresa Meadows, CIO, Cook Children’s Hospital, Vice Chair, HSCC’s JCWG (Moderator) Reactor Panel Will Long, CISO, Children’s Health in Dallas, AEHIS Chair Dan Bowden, CISO, Sentara Health Sri Bharadwaj, CISO, UC Irvine, Public Health Representative on HSCC JSWG

    • Please login or become a member to register.

    Event Information


    Join us as we lift the cloak of mystery enshrouding cybersecurity threat information sharing in healthcare in a webinar moderated by Theresa Meadows, CIO of Cook Children's Health Care System, vice chair of the HSCC JCWG and co-chair of the HCIC Task Force. Speaker Denise Anderson, president of H-ISAC, will offer a bird's eye view of information sharing in the industry, detailing where information is moving today, where the speed bumps are and the challenges that still must be overcome. She will debunk myths and set the record straight on permitted sharing uses.

    Our reactor panel comprised of leading CISOs in healthcare provider settings will offer a frontline perspective detailing where existing guidance is misunderstood, how information sharing is shaping their role in defending against cyberattacks and where improvements are needed. Attendees will have the opportunity to query our speakers and panel of reactor experts on burning questions they have over the widely misunderstood landscape of cybersecurity threat sharing in healthcare.

  • Event Information


    The critical nature of healthcare systems has made penetration testing difficult in the past due to uncertain outcomes. CISOs have begun to understand that traditional cybersecurity assessments do not provide the same insight a penetration test could. This has left a gap between a traditional penetration test, which is not optimized for healthcare information systems, and the need for a deeper technical dive into these systems, with a specialized care to avoid systems that could cause unnecessary system downtime or impact patient care. Organizations can have more confidence when performing a penetration test by carefully determining the scope of the assessment, planning for clear and open communication, and having an understanding of unique healthcare technologies and protocols. Learning Objectives:
    • Understand the difference between penetration testing and vulnerability assessments
    • Understand how penetration testing differs across industries
    • Learn how healthcare penetration tests can be tailored to the client
    • Understand the value proposition penetration testing can bring to healthcare
    • Learn about future considerations for penetration testing in healthcare
     
  • Event Information


    Fall Summit

    Healthcare applications leaders are faced with keeping up-to-date with the latest and greatest in applications management, while also dealing with the day-to-day hustle and bustle of healthcare. It is critical that you deliver excellent customer service while dealing with everything from internal software miscues to keeping up with continual upgrades. In addition, you must keep up with ever-changing healthcare regulations such as Meaningful Use and MACRA. As an applications leader, you must remain adaptable to new software and systems that can ease the burden on your care providers, while ensuring these solutions fit into your overall organization strategy. Read More and Register
  • Event Information


    The Healthcare CISO Boot Camp is an intensive three and one-half day education program offered by Association for Executives in Healthcare Information Security (AEHIS) and the College of Healthcare Information Management Executives (CHIME) taught by a faculty of healthcare security thought leaders.  Combining presentations, small group discussions, case studies and interactive problem solving, participants learn the real-world skills necessary to become a successful healthcare CISO.
    Read More  
  • Event Information


    Cybersecurity policies establish expectations for the protection of information against deliberate and accidental threats and vulnerabilities. Many organizations struggle with embedding these expectations into day-to-day operations. What's more, board and senior leadership expectations regarding cybersecurity may not always translate into viable policies and procedures. During this session, we will discuss moving toward principle-based policy governance based on widely available cybersecurity control standards. Participants will be invited to share their current experience with governance and provide feedback on the value of a principle-based approach.

    . List the challenges associated with defining, implementing and managing cybersecurity policies and procedures

    2. Describe the traditional approach to cybersecurity policy management and its limitations

    3. Explain a framework to more effectively define, organize, implement and manage organizational cybersecurity policy expectations