Overview: Everyone that has access to Protected Health Information has a role in activity review monitoring. The user may need to monitor activity under their login, supervisors, managers and directors should understand what is happening within their departments, security personnel must know and understand what they should be reviewing, the management of the organizations should know what is being reviewed,why it is being reviewed and what that means to the organization. This session will include activity review at the application and network layer.
Audit logs and information can be found at the network, server and application level and all levels of the organization should be aware of the importance of these activity reviews. This includes every employee to the board of the company. This session will explore the type of information everyone should be aware of and methods to communicate this to them. When actively reviewing access reports this session will discuss methods to accomplish this important task.
Why should you attend: The HIPAA Security Management Standard is the foundation of the security rule and it requires organizations to - Implement procedures to regularly review records of information system activity, such as:
Access Reports; and
Security incident tracking reports
In this session we will review what audit logs should be reviewed and why, how to review access reports and what construes a security incident and why and how an organization should review them. In addition, this session will discuss what information should be communicated to various levels within the organization. Security is everyone’s responsibility and understanding what can be reviewed and by whom is critical.
Areas Covered in the Session:
Why it is important to review this information
Who should be involved in this review
What information should be reviewed
How to obtain this information
Who Will Benefit:
Information Security Officers
Compliance and Privacy Officers
IT/IS Management and Staff
Contract Management Department
William Miaoulis CISA, CISM, is a senior healthcare information system (IS) professional with more than 20 years of healthcare Information Security experience. Bill is the founder and primary consultant for HSP Associates. Prior to starting HSP Associates in January of 2013, Bill was the Chief Information Security Officer (CISO) and led the HIPAA security and privacy consulting efforts for Phoenix Health Systems for over 11 years and also was the HIPAA Consulting Manager for SAIC for 18 months. For seven years, Miaoulis was the University of Alabama Birmingham (UAB) Medical Center’s Information Security Officer, where he instituted the first security and privacy programs at UAB starting in October 1992.
Phone No: 800-385-1607
Event Link: http://bit.ly/1cvopTU