SlideShare a Scribd company logo

HIPAA – Five Security Strategies to Protect ePHI

Download as PPTX, PDF
Tripwire
Tripwire

For healthcare organizations the pressure to protect electronic personally identifiable health information (ePHI) increased significantly throughout 2010. The US Department of Health and Human Services proposed modifications to HIPAA privacy, security and enforcement rules, HITECH Act extended HIPAA requirements to business associates and the number of breaches affecting at least 500 individuals is rapidly increasing. Healthcare organizations are already anxious about what 2011 has in store, with increased negative media attention, increased patient awareness of breaches and more. Unfortunately, the ePHI data protection landscape can be confusing to navigate. So what can healthcare organizations do to protect ePHI and ensure they stay out of the spotlight? In this webcast, Chris Konrad, Senior VP of Client Services at Fortrex Technologies and Cindy Valladares, Solutions Marketing at Tripwire: Discuss which factors and forces around ePHI have recently impacted healthcare organizations. Describe what is different in 2011 and the challenges facing organizations when protecting ePHI Use real-life examples to demonstrate the effects of data breaches Provide five strategies you can take to better protect ePHI and avoid the negative fallout of a breach

Technology
1 of 33
HIPAA 2011: Five Security Strategies to Protect ePHI Join the conversation: #hipaa2011
Chris Konrad, Fortrex Technologies Cindy Valladares, Tripwire Inc. Join the conversation: #hipaa2011
Today’s Speakers SVP Client Services Join the conversation: #hipaa2011
• 2010 in review • Five Security Strategies to Protect ePHI • Recommendations • Q&A Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
• • • • • Join the conversation: #hipaa2011
Raw Log Data Dynamic Policy Testing Auto-retest to policy Change Process Analysis Close breach-to-discovery time gap  Immediate time-to-value Reconcile toto usual Business Authorization Exclusive as Tripwire! Change windows User ID Multiple conditions Join the conversation: #hipaa2011
Raw Log Data Normalization & Correlation • High Speed Log Archival • Events of Interest • Google like Index • Structured Data • Fast Search • Complex Reporting • Intelligent Reporting • Data visualization Join the conversation: #hipaa2011
Maintain Desired State Non-stop monitoring & collection Dynamic analysis to find suspicious activities Assess & Achieve Alert on impact to policy Remediate options to speed remedy Time Join the conversation: #hipaa2011
Correlate to Correlate to Bad Changes Suspicious Events Join the conversation: #hipaa2011
5 failed logins Login successful Windows event log cleared Logging turned off Host not generating events Policy test fails Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
Join the conversation: #hipaa2011
• • • • • Join the conversation: #hipaa2011
• • • • • • Join the conversation: #hipaa2011
Questions? • Chris Konrad • Cindy Valladares Fortrex Technologies Tripwire, Inc. Website: www.fortrex.com Website: www.tripwire.com Email: info@fortrex.com Email: cvalladares@tripwire.com Phone: 877-FORTREX Twitter: @cindyv & @tripwireinc LinkedIn: Fortrex SME Club Twitter: @cjkonrad & @FORTREXTECH
Chris Konrad Cindy Valladares Fortrex Technologies Tripwire, Inc. Website: www.fortrex.com www.tripwire.com Email: cvalladares@tripwire.com Email: info@fortrex.com Twitter: @cindyv and @tripwireinc Phone: 877-FORTREX LinkedIn: Fortrex SME Club Twitter: @cjkonrad @FORTREXTECH

Recommended

Eric Vyncke - IPv6 Security Vendor Point of View
Eric Vyncke - IPv6 Security Vendor Point of ViewEric Vyncke - IPv6 Security Vendor Point of View
Eric Vyncke - IPv6 Security Vendor Point of ViewIPv6 Conference
 
You Know You Need PCI Compliance Help When…
You Know You Need PCI Compliance Help When…You Know You Need PCI Compliance Help When…
You Know You Need PCI Compliance Help When…Rochester Security Summit
 
Don't Risk the Blacklist - Stop Outbound Spam
Don't Risk the Blacklist - Stop Outbound SpamDon't Risk the Blacklist - Stop Outbound Spam
Don't Risk the Blacklist - Stop Outbound SpamCyren, Inc
 
Application security vision - John b
Application security vision - John bApplication security vision - John b
Application security vision - John bRoopa Nadkarni
 
Ensuring Security and Privacy in the HIE Market - Redspin Information Security
Ensuring Security and Privacy in the HIE Market - Redspin Information SecurityEnsuring Security and Privacy in the HIE Market - Redspin Information Security
Ensuring Security and Privacy in the HIE Market - Redspin Information SecurityRedspin, Inc.
 
ICD10 Remediation Service
ICD10 Remediation ServiceICD10 Remediation Service
ICD10 Remediation ServiceAri Banerjee
 
Superia digital credentials
Superia digital credentialsSuperia digital credentials
Superia digital credentialsAri Banerjee
 
Superia Presentation
Superia PresentationSuperia Presentation
Superia PresentationAri Banerjee
 

Recommended

Eric Vyncke - IPv6 Security Vendor Point of View
Eric Vyncke - IPv6 Security Vendor Point of ViewEric Vyncke - IPv6 Security Vendor Point of View
Eric Vyncke - IPv6 Security Vendor Point of ViewIPv6 Conference
 
You Know You Need PCI Compliance Help When…
You Know You Need PCI Compliance Help When…You Know You Need PCI Compliance Help When…
You Know You Need PCI Compliance Help When…Rochester Security Summit
 
Don't Risk the Blacklist - Stop Outbound Spam
Don't Risk the Blacklist - Stop Outbound SpamDon't Risk the Blacklist - Stop Outbound Spam
Don't Risk the Blacklist - Stop Outbound SpamCyren, Inc
 
Application security vision - John b
Application security vision - John bApplication security vision - John b
Application security vision - John bRoopa Nadkarni
 
Ensuring Security and Privacy in the HIE Market - Redspin Information Security
Ensuring Security and Privacy in the HIE Market - Redspin Information SecurityEnsuring Security and Privacy in the HIE Market - Redspin Information Security
Ensuring Security and Privacy in the HIE Market - Redspin Information SecurityRedspin, Inc.
 
ICD10 Remediation Service
ICD10 Remediation ServiceICD10 Remediation Service
ICD10 Remediation ServiceAri Banerjee
 
Superia digital credentials
Superia digital credentialsSuperia digital credentials
Superia digital credentialsAri Banerjee
 
Superia Presentation
Superia PresentationSuperia Presentation
Superia PresentationAri Banerjee
 
Mind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughMind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughTripwire
 
Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyTripwire
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationTripwire
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportTripwire
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!Tripwire
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationTripwire
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...Tripwire
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsTripwire
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkTripwire
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksTripwire
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

More Related Content

More from Tripwire

Mind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughMind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughTripwire
 
Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyTripwire
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationTripwire
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportTripwire
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!Tripwire
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationTripwire
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...Tripwire
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsTripwire
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkTripwire
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksTripwire
 

More from Tripwire (20)

Mind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't EnoughMind the Cybersecurity Gap - Why Compliance Isn't Enough
Mind the Cybersecurity Gap - Why Compliance Isn't Enough
 
Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data Privacy
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The Experts
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale Peterson
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase Cole
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest Celebration
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key Findings
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key Findings
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber Moments
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK Framework
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
 

Recently uploaded

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 

Recently uploaded (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 

HIPAA – Five Security Strategies to Protect ePHI

Editor's Notes

  1. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  2. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  3. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  4. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  5. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  6. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  7. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  8. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  9. Patient Protection and Affordable Care Act and subsequent Health Care and Education Reconciliation Act of 2010 are passedHITECH Act extends HIPAA Privacy and Security requirement to business associatesHHS proposes HIPAA Privacy, Security and Enforcement Rules modificationsHHS National Coordinator, Office of the National Coordinator for Health IT, Dr. David Blumenthal forms Privacy and Security “tiger team”United States Health Human Services (HHS) publication of breaches of unprotected PHI affecting over 500 individuals totals 3,608,753Connecticut Attorney General, now Senator Richard Blumenthal, issues suit against Health Net for failing to secure the information of 446,000 individuals whose data was on a lost, unencrypted hard driveSettled for $250,000Conditional $500,000 to be paid in the event that the breach proves to have lead to the access of personal information2010 Healthcare Information and Management Systems Society (HIMSS) Security Survey 31% of all healthcare providers experienced a breach to patient information Fewer than one in 10 of 600 surveyed could meet most of the meaningful-use requirementsPonemon Institute and security firm ID Expert research released Hospitals are exposed to a loss of $6 billion dollars annually as a result of breaches 70% of respondents indicated that patient data protection is not a priority
  10. Change management is the cornerstone of many regulationsChange management and testingStart with a baseline w/hardened configurationsDynamic policy testingChange process analysisReconcile to authorization
  11. Monitor activity Capture logsAnalyze for high-risk eventsCorrelate change and events
  12. ER: This is really what you want to know. 5 failed logins on it’s own followed by a successful login is probably a medium to low alert. In fact, this is so common it’s contributing to SIEM overload. But, getting an unrelated alert for each one of these every step along the way won’t help. We think you need this context to see all of these happening in concert so you can quickly see these complicated patterns that impact security. TZ (to transition to next slide): so what does Tripwire do to help solve this?