All events are in Eastern Time (ET) unless otherwise noted in the event description.

    • AEHIS Interact: A How-To

    • Date: 06/23/2017
    • Start Time: 12:00pm
    • End Time: 12:45pm
    • Event Type: AEHIS LIVE
    • Session Speaker(s):

      Zach Donisch, Director, AEHIS, AEHIT, AEHIA Membership​, CHIME  

    • Please login or become a member to register and view archived sessions.

    Event Information


    Educational webinar for members of AEHIS on the functionality and future of AEHIS Interact, a membership email discussion list. Attendees will learn how to use Interact and additional features and functionality of Interact.

    • A CISO’s Guide to Increasing Power and Influence

    • Date: 06/28/2017
    • Start Time: 12:00pm
    • End Time: 01:00pm
    • Event Type: AEHIS LIVE
    • Session Speaker(s):

      Toby Gouker, PhD, GSLC, Graduate Program Director, Technical Management, University of Maryland, Baltimore County; also VP of Strategy, First Health Advisory Solutions  

    • Please login or become a member to register and view archived sessions.

    Event Information


    The CISO position in a healthcare organization is typically created with a great deal of responsibility, without providing an appropriate level of authority. To be effective, the CISO must over time, acquire a power base to effectively exert influence over the organization and build an adaptive cybersecurity program that reduces risk to acceptable levels while operating within a reasonable annual budget. This presentation will discuss various forms of organizational and personal power that a CISO can seek out to build a base of power from which to draw upon to influence the people, process and initiatives required for an effective cybersecurity program.

     

    Learning Objectives:

    1. Describe ways in which power can be garnered to advance the CISO’s ability to influence others in the organization

    2. Implement activities that can increase power where little formal authority is given by the organization.

    3. Employ politics to advance cybersecurity agendas while supporting their organizational mission.

     

  • Event Information


    At last the US Department of Health & Human Services’ (HHS) has released the Health Care Industry Cybersecurity Task Force report. Hear from the Task Force’s co-chairs, who were directly involved with shaping the recommendations to Congress.  The Task Force was created under the Cybersecurity Act passed in late 2015.  Learn about how the Task Force arrived at their recommendations and understand how the co-chairs see the report impacting the industry.

    Our program will begin with insight from two Task Force members, Theresa Meadows, Senior Vice President and Chief Information Officer with Cook Children’s Health Care System, co-chair of the Task Force and David Ting, Co-Founder and Chief Technology Officer at Imprivata, Inc. to present the report findings. Following an overview of the report, Andrew Coyne, Chief Information Security Officer from the Mayo Clinic and Brian Streud, Chief Information Officer, Faith Regional Health Services will provide reactions to the report and explain how they plan to take action on the Task Force’s recommendations.

    • AEHIS CISO Virtual Cybersecurity Symposium™ – HIPAA 101 (On-Demand)

    • Date: 07/05/2017
    • Start Time: On Demand
    • Event Type: Webinar
    • Session Speaker(s):

      Mary Chaput, MBA, HCISPP, CIPP/US, CIPM, Chief Financial & Compliance Officer – Clearwater Compliance
      Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US, CEO & Founder – Clearwater Compliance
      Jon Stone, MPA, PMP, HCISPP, VP, Product Innovation – Clearwater Compliance

    • Please login or become a member to register and view archived sessions.

    Event Information


    Designed for CISOs, the AEHIS CISO Virtual Cybersecurity Symposium™ is being offered exclusively to AEHIS members and was especially developed for our members. The curriculum focuses on the most pressing issues facing covered entities and business associates today as defined by the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and responds to the intensifying focus on risk analysis and risk management.
    ---
    LEARN MORE
    On-Demand HIPAA 101 Session Learning Objectives:

    - Demonstrate a working knowledge of the fundamentals of the HIPAA regulations

    - Explain the history of HIPAA and HITECH and what motivated the creation of these regulations

    - Identify sources of liability other than HIPAA for CEs and BAs

    - Articulate the types of organizations which have experienced breaches and complaints

    - Explain to colleagues and management recent statistics related to breaches of PHI

    - Describe the relationships between the privacy, breach notification and security rules

    • AEHIS CISO Virtual Cybersecurity Symposium™ – Session 1

    • Date: 07/06/2017
    • Start Time: 12:00 pm
    • End Time: 02:00 pm
    • Event Type: Webinar
    • Session Speaker(s):

      Mary Chaput, MBA, HCISPP, CIPP/US, CIPM, Chief Financial & Compliance Officer – Clearwater Compliance
      Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US, CEO & Founder – Clearwater Compliance
      Jon Stone, MPA, PMP, HCISPP, VP, Product Innovation – Clearwater Compliance

    • Please login or become a member to register and view archived sessions.

    Event Information


    Designed for CISOs, the AEHIS CISO Virtual Cybersecurity Symposium™ is being offered exclusively to AEHIS members and was especially developed for our members. The curriculum focuses on the most pressing issues facing covered entities and business associates today as defined by the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and responds to the intensifying focus on risk analysis and risk management.
    ---
    LEARN MORE
    Session 1 Learning Objectives:

    Overview of the NIST Cybersecurity Framwork (CSF) and NIST Process

    - Develop basic knowledge of the NIST CSF

    - Describe the four-step NIST information risk management (IRM) process

    - Access NIST and other resources to assist CEs, BAs and subcontractors in information risk management

    - Explain the essential steps of establishing, operationalizing and maturing an IRM program

    - Engage with customers and business partners directly on IRM requirements

    How to Calculate the Cost of A Data Breach and Get the Budge for your Information Risk Management Program

    - Gain insights on statistics for assessing the likelihood of a breach or an OCR investigation

    - Understand how to present a compelling return on investment (“ROI”) calculation

    - Learn the potential repercussions of a data breach

    - Determine how to choose cost factors relevant to your organization

    - Prepare to calculate the cost of a date breach specific for your organization

    - Turn the breach cost into a compelling business plan to strengthen your security program

    • AEHIS Member Orientation

    • Date: 07/07/2017
    • Start Time: 12:00pm
    • End Time: 12:45pm
    • Event Type: AEHIS LIVE
    • Session Speaker(s):

      Zach Donisch - Director, AEHIS, AEHIT, AEHIA Membership

    • Please login or become a member to register and view archived sessions.

    Event Information


    A comprehensive overview of the Association for Executives in Healthcare Information Security (AEHIS) for new members and existing members alike. Membership Director Zach Donisch will cover AEHIS' mission and direction, the "who's who" of the AEHIS team, and the major membership benefits and ways to access them. Don't worry - if you can't make this session, AEHIS will host a Membership Orientation every two weeks.

    • AEHIS CISO Virtual Cybersecurity Symposium™ – Session 2

    • Date: 07/13/2017
    • Start Time: 12:00 pm
    • End Time: 02:00 pm
    • Event Type: Webinar
    • Session Speaker(s):

      Mary Chaput, MBA, HCISPP, CIPP/US, CIPM, Chief Financial & Compliance Officer – Clearwater Compliance
      Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US, CEO & Founder – Clearwater Compliance
      Jon Stone, MPA, PMP, HCISPP, VP, Product Innovation – Clearwater Compliance

    • Please login or become a member to register and view archived sessions.

    Event Information


    Designed for CISOs, the AEHIS CISO Virtual Cybersecurity Symposium™ is being offered exclusively to AEHIS members and was especially developed for our members. The curriculum focuses on the most pressing issues facing covered entities and business associates today as defined by the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and responds to the intensifying focus on risk analysis and risk management.
    ---
    LEARN MORE
    Session 2 Learning Objectives:

    The Critical Difference: HIPAA Security Evaluation vs. HIPAA Security Risk Analysis 

    - Describe three distinct HIPAA security rule evaluation requirements

    - Explain the difference between a compliance assessment and a risk analysis

    - Learn proven approaches to completing these evaluations

    - Utilize step-by-step instructions for compliance assessments and risk analysis

    How to Establish Your NIST-based Risk Management Program 

    - Categorize and describe examples of risk types

    - Learn how to measure risk using risk likelihood and risk impact

    - Learn how to use a process for building a business case for strengthening information security

    - Use Excel template provided to calculate the cost of a breach for your organization

    - Use Word templates to create a charter and standing agenda for your governance, risk and compliance council

    - Use Clearwater “Business and Information Privacy, Security and Compliance Program” AlignmentCheck™ to assess the alignment of your organization’s business strategy with compliance

    • AEHIS CISO Virtual Cybersecurity Symposium™ – Session 3

    • Date: 07/20/2017
    • Start Time: 12:00 pm
    • End Time: 02:00 pm
    • Event Type: Webinar
    • Session Speaker(s):

      Mary Chaput, MBA, HCISPP, CIPP/US, CIPM, Chief Financial & Compliance Officer – Clearwater Compliance
      Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US, CEO & Founder – Clearwater Compliance
      Jon Stone, MPA, PMP, HCISPP, VP, Product Innovation – Clearwater Compliance

    • Please login or become a member to register and view archived sessions.

    Event Information


    Designed for CISOs, the AEHIS CISO Virtual Cybersecurity Symposium™ is being offered exclusively to AEHIS members and was especially developed for our members. The curriculum focuses on the most pressing issues facing covered entities and business associates today as defined by the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and responds to the intensifying focus on risk analysis and risk management.
    ---
    LEARN MORE
    Session 3 Learning Objectives:

    How to Conduct an OCR-Quality Risk Analysis

    - Understand general regulatory requirements for ongoing risk assessments

    - Explain the difference between compliance and security

    - Cite the specific regulatory requirements for risk assessment

    - Define fundamental risk terminology

    - Explain why risk assessment is a core foundational step

    - Describe the fundamentals of information risk assessment

    - Describe the fundamentals of information risk management

    How to Conduct OCR-Quality Risk Management

    - Understand the regulatory requirements and most effective standards for responding to risk

    - Know the four essential options for effective risk response

    - Evaluate alternatives to reduce risks in terms of effectiveness and feasibility

    - Learn how to make sure risk responses get implemented through tracking new or improved controls and safeguards

    • AEHIS Member Orientation

    • Date: 07/21/2017
    • Start Time: 12:00pm
    • End Time: 12:45pm
    • Event Type: AEHIS LIVE
    • Session Speaker(s):

      Zach Donisch - Director, AEHIS, AEHIT, AEHIA Membership

    • Please login or become a member to register and view archived sessions.

    Event Information


    A comprehensive overview of the Association for Executives in Healthcare Information Security (AEHIS) for new members and existing members alike. Membership Director Zach Donisch will cover AEHIS' mission and direction, the "who's who" of the AEHIS team, and the major membership benefits and ways to access them. Don't worry - if you can't make this session, AEHIS will host a Membership Orientation every two weeks.
    • AEHIS CISO Virtual Cybersecurity Symposium™ – Session 4

    • Date: 07/27/2017
    • Start Time: 12:00 pm
    • End Time: 02:00 pm
    • Event Type: Webinar
    • Session Speaker(s):

      Mary Chaput, MBA, HCISPP, CIPP/US, CIPM, Chief Financial & Compliance Officer – Clearwater Compliance
      Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US, CEO & Founder – Clearwater Compliance
      Jon Stone, MPA, PMP, HCISPP, VP, Product Innovation – Clearwater Compliance

    • Please login or become a member to register and view archived sessions.

    Event Information


    Designed for CISOs, the AEHIS CISO Virtual Cybersecurity Symposium™ is being offered exclusively to AEHIS members and was especially developed for our members. The curriculum focuses on the most pressing issues facing covered entities and business associates today as defined by the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and responds to the intensifying focus on risk analysis and risk management.
    ---
    LEARN MORE
    Session 4 Learning Objectives:

    How to Implement a Strong, Proactive Business Associate Risk Management Program 

    - Describe who is a business associate and who isn’t

    - Explain why managing business associates is important

    - Explain the expansion of the ‘Chain of Trust’ in healthcare

    - Cite and explain the HIPAA Privacy and Security Rule contractual requirements for business associates

    - Explain the risk rating concept and process for business associates

    - Develop a business associate management program checklist

    - Describe the benefits of a business associate management program

    How to Monitor Your NIST-based Risk Management Program to Comply with Federal Regulations & Industry Standards

    - Learn where monitoring fits into the System Development Lifecycle

    - Know the essential steps of Information System Continuous Monitoring

    - Learn what types of changes are included in continuous monitoring

    - Know the importance of effectiveness monitoring

    • AEHIS CISO Virtual Cybersecurity Symposium™ – Session 5

    • Date: 08/03/2017
    • Start Time: 12:00 pm
    • End Time: 02:00 pm
    • Event Type: Webinar
    • Session Speaker(s):

      Mary Chaput, MBA, HCISPP, CIPP/US, CIPM, Chief Financial & Compliance Officer – Clearwater Compliance
      Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US, CEO & Founder – Clearwater Compliance
      Jon Stone, MPA, PMP, HCISPP, VP, Product Innovation – Clearwater Compliance

    • Please login or become a member to register and view archived sessions.

    Event Information


    Designed for CISOs, the AEHIS CISO Virtual Cybersecurity Symposium™ is being offered exclusively to AEHIS members and was especially developed for our members. The curriculum focuses on the most pressing issues facing covered entities and business associates today as defined by the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and responds to the intensifying focus on risk analysis and risk management.
    ---
    LEARN MORE
    Session 5 Learning Objectives:

    How to Mature your IRM Program

    - Explain the importance of a mature IRM program and framework

    - Describe the IRM Maturity Model

    - Determine your organization’s current IRM level of maturity

    - Develop a dashboard to highlight unacceptable risk and show progress on mitigating risk

    Now What? Summary & Action Planning

    - Identify immediate next actions for your organization

    - Build your cybersecurity business case

    - Access resources and information provided during the Symposium

     
    • AEHIS CISO Virtual Cybersecurity Symposium™ – Post-Symposium Meet Up

    • Date: 08/16/2017
    • Start Time: 12:00 pm
    • End Time: 01:30 pm
    • Event Type: Webinar
    • Session Speaker(s):

      Mary Chaput, MBA, HCISPP, CIPP/US, CIPM, Chief Financial & Compliance Officer – Clearwater Compliance
      Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US, CEO & Founder – Clearwater Compliance
      Jon Stone, MPA, PMP, HCISPP, VP, Product Innovation – Clearwater Compliance

    • Please login or become a member to register and view archived sessions.

    Event Information


    Designed for CISOs, the AEHIS CISO Virtual Cybersecurity Symposium™ is being offered exclusively to AEHIS members and was especially developed for our members. The curriculum focuses on the most pressing issues facing covered entities and business associates today as defined by the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and responds to the intensifying focus on risk analysis and risk management.
    ---
    LEARN MORE
    Post-Symposium Meet Up Objectives:

    Address any questions/comments/concerns following the previous sessions

  • Event Information


    The Healthcare CIO Boot Camp™ is an intensive three and one-half day education program offered by the College of Healthcare Information Management Executives (CHIME) taught by a faculty of healthcare CIO thought leaders. Combining presentations, small group discussions, case studies and interactive problem solving, participants learn the real-world skills necessary to become a successful healthcare CIO.
    ---
    Learn more
  • Event Information


    Health IT security leaders are challenged daily with an onslaught of cyber attacks such as malware, ransomware, phishing campaigns, threats to medical devices, and even DDoS attacks. Increasingly complex governmental security regulations further complicate the healthcare CISO’s overall objective of safeguarding the network and protecting patient information. As the threats grow and oversight becomes more necessary, your security practices must align with overall organizational strategies, leveraging the technology and services that will help expand security boundaries. Despite these daunting demands and complex solutions, you have a valuable resource at your fingertips. That resource is, of course, your colleagues! To learn from others in the industry, AEHIS is pleased to announce our inaugural Fall Summit, open exclusively to AEHIS members. The 2017 AEHIS Fall Summit will feature IT security speakers and presentations, and create a collaborative environment to enable you and your team keep your organizations secure and become better leaders in the transformation of healthcare IT. We invite you to take part in this exciting event.   More details coming soon.