We are excited to announce a new program on Disaster Recovery and Emergency Mode Operations by HIPAA expert, Jim Sheldon- Dean
Disaster Recovery and Emergency Mode Operations
With the recent natural disasters and hacking attacks suffered by healthcare and governmental entities, new attention is being paid to preparations for recovering from such disasters while protecting information assets. Speaker, Jim Sheldon-Dean has a program available that outlines the preparations that should be made by any entity with obligations to the public to protect the access to and confidentiality of information.
The session uses the HIPAA Security Rule as the foundation for the framework of the preparations that must take place to protect health information under those rules. The HIPAA framework and guidance provide a solid yet flexible foundation for any information security program. Healthcare information is a major target of hackers so the recommended responses must be equally robust. In natural disaster emergencies, many times health care services are key to an area’s recovery, and cannot be safely interrupted. Using the HIPAA Security Rule provides a flexible framework for protection of information and compliance with applicable regulations.
Preparation Is Key
The question is not “if,” it is “when.” There are all kinds of disasters that can strike and must be recovered from, from the technological, to the natural, to the human. These incidents are on the increase due to various factors beyond our control, but what we can do is be prepared for incidents that can threaten the Confidentiality, Integrity, and Availability of information. The idea is to look ahead and envision how the organization will recover from, as well as provide services during, some kind of severe incident that can threaten facilities and/or the systems within them, while protecting the privacy and security of information.
The session begins with understanding the HIPAA Security Rule’s requirements to protect information security, and how the principles in the rules apply in various scenarios. The session will then present various situations to illustrate the most effective preparations in advance of and steps to take in response to a cyber-attack such as Ransomware, and a natural disaster, such as a flood, tornado, or fire that destroys information assets. In addition, dealing with large-scale events like hurricanes and the resulting needs for providing information as necessary while protecting privacy and security will be discussed.
The session will include planning steps for preparations to deal with typical emergencies and significant threats to the privacy and security of confidential information. Recommendations will call on guidance from the US Department of Health and Human Services and the National Institute of Standards and Technology.
Jim Sheldon-Dean is a frequent speaker on topics relating to HIPAA compliance at national and local healthcare conventions and meetings, in-person and Web-based seminars.