HIPAA Technical Safeguards - How to Implement Effectively

Duration: 60 Minutes
Instructor: Larry Boettger
Webinar Id: 800277


One Attendee


Often times, technical personnel are mostly focused on keeping systems operating at peak performance because this is all that they have time for in their busy schedules. This is mostly because organizations have limited budgets to invest in more head count and technology resources for both system optimal performance and effective security controls

This makes it challenging for technical personal to have enough time to:

  • Conduct research and Cost Benefit Analysis (CBA) on the best security technologies for their organizations
  • Implement and maintain effective technical security controls
The purpose of this session is to help technical staff and leadership understand the risks from weak security technology controls and how to mitigate the risks using technologies and practices that will allow staff to work more efficiently, which will allow them to implement and maintain both high performing systems and secure technology controls.

Key takeaways from this presentation:
  • Where cybercriminals are focusing their attention and how they are successful. Some examples:
    • Missing Application Patches (Java, Adobe, etc)
    • Weak Application Development Practices
    • Weak IT component configurations
  • Overview of top technical safeguards that should be invested in. Some examples:
    • Data at rest encryption controls
    • Patch management controls that cover both OS and applications
    • Security Information Event Management systems
    • Mobile Device Management controls
  • Some examples of how clients have transitioned to stronger controls, such as:
    • Prioritization of investments
    • Invested in technologies that remediated multiple problems first

Why should you attend: Based on HIPAA security risk assessments conducted recently, many organizations are missing critical technology safeguards that could costs their organization money and a lost reputation if a cybercriminal or auditor finds the weaknesses. This session will enable engineers and leadership to identify tactical and strategic investments in security controls that should be invested in to reduce the risks from technical weaknesses.

Areas Covered in the Session:
  • Operating System and Application Patch Management Controls
  • Application Development Security Controls
  • Identity Management Controls
  • IT Component Configuration Controls
  • Anti-Malware Controls
  • Logging and Audit Trail Controls
  • Encryption Controls
  • Network Access Controls
  • Disaster Recovery and Business Continuance Controls
  • Technical Policies and Procedures

Who Will Benefit:
  • IT Managers
  • IT Staff
  • Project Managers
  • Leadership Staff
  • HIPAA Security Officers

Speaker Profile
Larry has performed risk and vulnerability assessments and remediation services for large, medium and small health care and financial organizations and their business associates for over 17 years. He has multiple security certifications including; Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and ITIL.

Larry has conducted security presentations for Lorman Education Services, Association of Information Technology Professionals (AITP), Society of Information Management (SIM), UW School of Business, Information Systems Security Association (ISSA), FBI’s InfraGard Program and Three Pillars’ Customers and Partners. He continues to invest time into building curriculums and security labs and teaching information security best practices according to the National Institute of Standards and Technology (NIST), Center for Internet Security and Open Web Application Security Project (OWASP). He trains IT administrators on information security best practices and security tools usage and also trains clients’ employees on the proper usage of computer systems to prevent security breaches.

You Recently Viewed