HIPAA Information Security: Are You Ready?
Friday | December 10, 2004 | 8:30 a.m. - 12:00 p.m.
Boston Bar Association
Conference Center
16 Beacon Street
Boston, MA 02108
Sponsored by the BBA Health Law Section.
The HIPAA Information Security Rule will become effective on April 20, 2005. The Rule requires healthcare providers, health plans and healthcare clearinghouses to adopt administrative, physical and technical safeguards in order to protect the confidentiality, integrity and availability of protected health information that is maintained, stored or transmitted in electronic form.
Will your clients be ready? Have they appointed a security officer and performed a risk assessment? Do their agreements with business associates and trading partners reflect the requirements of the rule? Can you explain the relationship between the requirements of the privacy rule and security rule? Are you prepared to warn them of the risks of non-compliance?
After this seminar, attendees will know the major requirements of the rule, the role of a security officer, the risks of non-compliance and the relationship of information security to privacy.
This program will:
- provide an overview of the HIPAA information security rule
- discuss the risk assessment process
- explain the relationship of the privacy rule to the security rule, and
- describe possible liability risks that will arise from a failure to follow the rule’s requirements.
Program Overview:
Rule Overview and Risk Assessment Process
David S. Szabo, Esq.
Nutter, McClennen & Fish, LLP
Role of the Information Security Officer
Deborah Stevens
Information Security Officer
Tufts Health Plan
Interaction of Privacy and Security
Michael L. Blau, Esq.
McDermott, Will & Emery
Liability for Security Failures
Leigh-Ann M. Patterson, Esq.
Nixon Peabody LLP
|
