HIPAA-HITECH Assessment of your Cloud Service Providers
Overview:
The primary objective of this 60 minute webinar is to help organization identify the key vulnerabilities with cloud service providers by reviewing the best practices to evaluate, engage and monitor online service providers to protect ePHI handled on behalf of the Covered Entity.
- Have you identified the e-PHI with your cloud service providers? This includes e-PHI that you create, receive, maintain or transmit.
- What are the external sources of e-PHI? For example, do vendors or consultants create, receive, maintain or transmit e-PHI?
- What are the human, natural, and environmental threats to information systems that contain e-PHI?
- Do you want to attest to EHR incentive program by completing your security risk analysis for your cloud HER ?
Why should you attend: HIPAA/HITECH compliance standards is intended to address the risks to confidentiality, integrity, and availability of Protected Health Information(PHI) that the health care organization should protect. This webinar is intended to provide basic background about HIPAA/HITECH assessment strategies and techniques for health care organizations that utilize cloud services.
We will guide you through the requirements for a HIPAA/HITECH assessment of your cloud service providers in the following key areas:
- How to inventory cloud-related assets within your organization
- How to review technical vulnerabilities
- How to identify risks and prioritize
- How to document and monitor vulnerabilities
- Due diligence and contract documentation
Areas Covered in the Session:
- How to inventory ePHI, map out cloud systems in scope, identify and prioritize vendor evaluation, assessment and monitoring
- The best practices and checklist to minimize time and maximize effectiveness
- Learn about practical tools and resources for conducting and documenting assessment
- The most common threats and vulnerabilities to ePHI introduced by the cloud service providers - and how to protect Covered Entity’s interest
Who Will Benefit:
- Healthcare Compliance
- Security and Privacy Professional
Speaker Profile
Srini Kolathur , HITPro, CISSP,CISA, CISM, MBA is a result-driven leader. He has several years of experience in helping companies effectively meet and exceed regulatory compliance requirements including SOX, PCI, HIPAA, etc. by using best practices.
For the last several years, he has been actively involved in Sarbox controls implementation, PCI-DSS, GRC and internal audit functions in the critical general IT control areas. As internal compliance and audit liaison project manager for Cisco infrastructure group, Srini has managed compliance and automation projects, including developing tracking systems for monitoring privileged user access.
Srini has been involved in providing training to staffs at small practices and hospitals so they can effectively comply with HIPAA/HITECH and meaningful use security requirements by using NIST risk assessment framework, HHS HIPAA checklist and best practices for IT assessment.
Srini graduated with an executive MBA degree from Kenan-flagler business school at UNC Chapel Hill. Srini is very active in the local ISACA and ISSA chapters. Srini believes in and advocates best practices-based security and compliance program to achieve business objectives. Srini has a long and successful track record of bringing in projects on time and on budget, and developing high performance teams, while boosting technicaland business expertise, and maintaining high morale.
For the last several years, he has been actively involved in Sarbox controls implementation, PCI-DSS, GRC and internal audit functions in the critical general IT control areas. As internal compliance and audit liaison project manager for Cisco infrastructure group, Srini has managed compliance and automation projects, including developing tracking systems for monitoring privileged user access.
Srini has been involved in providing training to staffs at small practices and hospitals so they can effectively comply with HIPAA/HITECH and meaningful use security requirements by using NIST risk assessment framework, HHS HIPAA checklist and best practices for IT assessment.
Srini graduated with an executive MBA degree from Kenan-flagler business school at UNC Chapel Hill. Srini is very active in the local ISACA and ISSA chapters. Srini believes in and advocates best practices-based security and compliance program to achieve business objectives. Srini has a long and successful track record of bringing in projects on time and on budget, and developing high performance teams, while boosting technicaland business expertise, and maintaining high morale.