Everyone who participates in the United States health care system either as a patient, provider business associate or subcontractor either knows or should know about the Health Insurance Portability and Accountability Act of 1996, Pub. L. 104-191 (Aug. 21, 1996). Another law, which is also relevant to healthcare industry participants, the Cybersecurity Act of 2015, Pub. L. 114-113 (Dec. 18, 2015) (“CSA”) leveraged the insights from both the private and the government stakeholders through the Healthcare and Public Health (“HPH”) Sector Critical Infrastructure Security and Resilience Public-Private Partnership. Section 405(d), Aligning Health Care Industry Security Approaches, required the United States Department of Health and Human Services (“HHS”) to convene a Task Group.1
The purpose of this webinar is to give participants an appreciation of the Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (“HICP”) in relation to HIPAA compliance.
Rachel V. Rose, Esq.
June 28, 2019
1. Introduction and overview
2. Legislative history of HIPAA, the HITECH Act and related Rules
3. Explanation of the Cybersecurity Act of 2015 and HICP
4. How HICP relates to the technical, administrative and physical requirements of HIPAA
5. How HICP helps with Security Rule Risk Analyses and compliance