Healthcare is an industry ripe for innovation and disruption. Many entrepreneurs see opportunity but hold back because they are unsure how to navigate the complexities of HIPAA and protecting patient data.
Learn what HIPAA specifications might apply to your business model and how to document your risk management strategy.
Why Should You Attend:
The opportunities in healthcare technology are enormous. The risks are equally daunting. Is your software team equipped to protect the sensitive patient data your product will collect? Even if you apply good cybersecurity practices, how does all of that line up with your legal obligations under HIPAA? What will happen to your company if, or when, you are hit with a data breach? If the prospect of killer fines from the Department of Health and Human Services is making you lose sleep, this training will help. The challenges are great, but manageable with the right strategy.
Areas Covered in the Session:
- Does HIPAA even apply to your technology business?
- Wellness data versus healthcare data
- Data classification: PHI (Protected Health Info) versus PII (Personally Identifiable Info)
- The indispensable foundation of any data security strategy
- The most overlooked technology control for protecting patient data
- Is encryption a requirement? Maybe it's not so simple
- No such thing as "HIPAA compliant." Shifting to a risk management mindset
- Understanding Business Associate Agreements. Should you sign one?
- HIPAA covers much more than technology. Policies and procedures you must document
- The most common technical vulnerabilities in software products
- Unique requirements of cloud services like AWS
- NIST 800-53, the "Cybersecurity Bible" for startups
- Other regulations: state data privacy laws, GDPR
Who Will Benefit:
- CISOs in Health Technology