To discuss challenges, tips, and techniques for implementing the requirements of the HIPAA Security Rule, with particular focus on strategies for assessing the effectiveness of implemented security controls to support compliance and audit, as well as an organization’s overarching risk management program.

HIPAA 2009 Presentations

All Powerpoint presentations have been converted to PDF format.

Day 1 - Monday, May 18:

Keynote Presentation
Julie Boughn - CIO and Director, Office of Information Services (OIS), Centers for Medicare and Medicaid Services (CMS)

CMS Security Compliance Review Activities
Elizabeth Holland - CMS/OESS

Assessment Framework and Methodologies
Pat Toth - NIST

Assessments from the Assessor Perspective
Moderator: Arnold Johnson - NIST

Panelists:
Brian Johnson- OIG Atlanta Region IV
Mac McMillan - CynergisTek, Inc.
Mike Mellor - CMS/OIS

Assessments from the Organization Perspective
Moderator: Lesley Berkeyheiser, N-Tegrity Solutions Group

Panelists:
John Chase - Bethanna
Elizabeth Litten - Fox Rothschild LLP

E-Prescribe
Moderator: Donna Dodson - NIST

Panelists:
Drew Morgan - CMS/OESS
David Yakimischak – Surescripts
Peter Kaufman, M.D. - DrFirst
David Hunt, M.D. - HHS/ONC

Day 2 - Tuesday, May 19:

FISMA and it's Applicability to CMS Health Information
Ryan Brewer - CMS/OIS
Matt Scholl - NIST

The Role of the HIPAA Privacy Rule
Marilou King - HHS/OCR

Case Study: Valley Mental Health HIPAA Security Risk Analysis
Sue MillerLarry Eighmy - Halo Partners
Steve Taylor - Valley Mental Health

Security Automation
Matt Barrett - NIST
Kevin Stine - NIST

New Technologies, Threats, and Safeguards
Erika McCallister - NIST
Peter Mell - NIST
Matt Sexton - Booz Allen