Brian Freedman

Senior Security Administrator, South Carolina Federal Credit Union

Brian Freedman , MS, CISSP, PMP, CHCO has earned his Masters of Science in Information Systems and has over 20 years working in IT and Information Assurance. Mr. Freedman leverages deep project management and technical experience in order to lead key elements to several Health-Information Technology (IT), Privacy and Security initiatives.

Mr. Freedman has hands-on experience with both the public and private sector healthcare networks and systems: He has worked at one of South Carolina's largest independent physicians practice, as its CIO and Information Technology Director. In his role as CIO, he was responsible for the oversight of all operational and technology functions for 33 Primary Care Physician offices and Specialist clinics. He served as the HIPAA Compliance Officer and managed a team of IT specialists in support of electronic medical records and practice management systems. He drafted and/or rewrote all related policies and procedures for the HIPAA final rule, and designed and delivered a HIPAA training program to more than 650 employees. Mr. Freedman also created and implemented an annual risk management / analysis program to focus on both HIPAA and Meaningful Use compliance. The risk management program developed by Mr. Freedman has provided the practice with a continuous risk management program.

He has co-authored a book on PCI Compliance and is the Technical Editor of a handbook on IT Regulatory and Standards Compliance. In addition, Mr. Freedman is an Adjunct Instructor for the Department of Network Systems Management at a local Technical College where he teaches classes in Information Systems, Networking, Information Assurance, and Regulatory Compliance (HIPAA and PCI). He holds some of the leading industry certifications from Microsoft and Cisco. He is also a CISSP, PMP, and is a Certified HIPAA Compliance Officer (CHCO).



Performing a Risk Assessment - Methodology and Steps for Success

The Risk Assessment which is required by the HIPAA Security Rule is often overlooked, misunderstood, or it seems to be too complex to even find a starting point. What some organizations find out is that while they brought in a third party auditor to do a "IT network assessment' that they actually did not end up performing a full blow risk assessment.

Cybersecurity in Healthcare - How to Prevent the Next Attack

With the ever-changing landscape of cybersecurity, there are many threats, vulnerabilities, and malicious individuals trying to take down your network or get access to ePHI. With ePHI being the most valuable data on the dark web sometimes selling for over $100 per record, the bad people are targeting your organization.

HIPAA Security Basics

The webinar will a primer for the HIPAA Security Rule going over the basics of what is necessary to achieve compliance. The first section will discuss what the Security Rule is and where it came from, who must comply, and what information has to be protected. Having this information should set the stage to validate how critical ePHI is and who is responsible for maintaining its security.

Performing a Risk Assessment - Methodology and Steps for Success

The Risk Assessment which is required by the HIPAA Security Rule is often overlooked, misunderstood, or it seems to be too complex to even find a starting point. What some organizations find out is that while they brought in a third party auditor to do a "IT network assessment' that they actually did not end up performing a full blow risk assessment.