Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Safeguarding Health Information: Building Assurance through HIPAA Security 2019

hipaa logo

The National Institute of Standards and Technology (NIST) and the Office for Civil Rights (OCR) announces sponsorship of a conference to address the dynamic and challenging environment faced by all organizations that encounter health records or information.

The on-time demand for health information and rapidly changing technologies have produced enterprise-wide risk management and novel cybersecurity threats to the healthcare industry.  New vehicles for storing and transferring health information and the management of medical devices make interoperability of real time data the new standard and the expectation of patients and providers alike. In such a marketplace, compliance officers, entrepreneurs, and government agencies all face new challenges to both perform the core functions of security and access and to keep up with a world of unprecedented change. This makes the 12th annual conference on Safeguarding Health Information timely and critical for covered entities, business associates, app developers, and health care professionals.

The Health Insurance Portability and Accountability Act (HIPAA) Security Rule remains the cornerstone for protecting health-related information, but effective protection of health information cannot be achieved by simply following past year’s formulas for compliance with the Rule.

The conference will begin with a timely update and overview from OCR Director Roger Severino. Panels and presentation will address the latest thinking on enterprise-wide risk management; emerging cybersecurity threats to the healthcare industry; management of medical devices, applications, and Internet of Things (IoT) in healthcare environments; updates from federal healthcare agencies… and more.

Sponsored by the National Institute of Standards and Technology (NIST) and the Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS), the conference will be held on October 16-17, 2019, at the Washington Marriott at Metro Center, Washington, D.C. The conference also will be webcast.

Join us on Social Media using #HIPAASecurity

CEUs/CLEs: 

Unfortunately, NIST and HHS don't provide any specific information regarding CEUs/CLEs. Attendees are always welcome to self-report to their authoritative certification bodies to request CEUs/CLEs.

Parking

  • Valet parking, fee: $51 USD daily
  • Valet only per night-under 6 ft 6 in USD $51 -oversized USD $56 / Day guests up to 3 hrs USD $29, 3-8 hrs USD $41 plus tax

Hotel Website: Includes general information about  hotel, dining options, local area, maps, transportation etc.

https://www.marriott.com/hotels/maps/travel/wasmc-washington-marriott-at-metro-center/

Public Transportation Options: 

Metro Center (Red, Blue, Orange & Silver Lines) - G & 12th Street Entrance 0.1 miles S from hotel

Bus Station Union Station 2 miles E from hotel

 

Agenda (Printable PDF) Updated 10/10/19 (Speaker Presentations are linked below for each section)

  • 9:00am - 4:45pm ET Oct 16
  • 9:00am - 3:30pm ET Oct 17

NOTE: Approved speaker presentations are linked below in PDF format. 

Safeguarding Health Information: Building Assurance through HIPAA Security

Hosted by the HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST)

Time

Day 1 – October 16, 2019

9:00-9:10

Welcoming Remarks

 

9:10-10:00

Keynote

Roger Severino, Director HHS Office for Civil Rights

Speaker Presentation (PDF)

10:00-10:15

Break

 

 

10:15-11:15

Key Findings from the 2019 Verizon Data Breach Investigations Report

Suzanne Widup, Senior Analyst Verizon Enterprise Solutions

Speaker Presentation (PDF)

 

11:15-12:15

Panel: Securing Picture Archiving and Communication Systems (PACS)

Speaker Presentation (PDF)

Jennifer Cawthra, NIST National Cybersecurity Center of Excellence Sue Wang, MITRE

Kevin Dietz, Hyland Michael Holt, Virta Labs Jim Wachhaus, Tripwire David Alfonso, Phillips

12:15-1:30

Lunch on Your Own

 

1:30-2:30

Panel: Best Practices from the HHS HICP CSA 405(d) Task Group

Julia Chua, HHS OCIO

Erik Decker, CISO, University of Chicago Medicine Nick Heesters, HHS OCR
Speaker Presentations (PDF)

2:30-2:45

Break

 

2:45–3:45

NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management

Speaker Presentation (PDF)

Naomi Lefkovitz Senior Privacy Policy Advisor, NIST

 

3:45-4:45

Data Governance and Artificial Intelligence in the Health Care Space

Alaap Shah Attorney at Epstein Becker Green

Speaker Presentation (PDF)

End Conference Day 1

 

 

Safeguarding Health Information: Building Assurance through HIPAA Security

Hosted by the HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST)

Time

Day 2 - October 17, 2019

 

9:00-10:00

Keynote Address

An Organizational Risk Approach to Current and Emerging Health Care Threats and Opportunities
Speaker Presentation (PDF)

Elizabeth Callahan-Morris

VP & Deputy General Counsel, Hospital Operations Henry Ford Health System

and Christy Wheaton

VP & Chief Information Privacy and Security Officer Henry Ford Health System

10:00-10:15

Break

 

10:1511:15

HHS Security Risk Assessment Tool: New Functionalities and Uses

Speaker Presentation (PDF)

Lisa Steffey, Project Manager, Altarum Ryan Callahan, IT Business Analyst, Altarum

 

 

 

 

11:1512:15

Key Security Considerations for Healthcare Application Programming Interfaces (APIs)
Steve Posnack's Presentation (PDF)
Steve Posnack, Executive Director, Office of Technology at Office of the National Coordinator for Health Information Technology (ONC)

Linda Sanches, Senior Advisor, Health Information Privacy, HHS Office for Civil Rights
Linda Saches - Presentation (PDF)

12:15 1:30

Lunch on Your Own

 

 

1:302:30

Health Information Privacy Beyond HIPAA: A Framework for Use and Protection   

Speaker Presentation (PDF)

Linda L. Kloss, Kloss Strategic Advisors

Former Chair, National Committee on Vital and Health Statistics,

Subcommittee on Privacy, Confidentiality, and Security and

William W. Stead, MD Chief Strategy Officer

McKesson Foundation Professor of Biomedical Informatics Professor of Medicine

Vanderbilt University Medical Center

Chair, National Committee on Vital and Health Statistics

 

2:30 3:30

Update on OCR’s HIPAA Compliance and Enforcement Activities
Speaker Presentation (PDF)
Serena Mosley-Day, Senior Advisor Compliance and Enforcement

HHS Office for Civil Rights

 

 

 

End Conference

There is no hotel block for this event. However, please visit the Hotel Website which Includes general information about  hotel, dining options, local area, maps, transportation etc. or  Places to Stay

Parking:  Parking is not included in the registration fee.  

  • Valet parking, fee: $51 USD daily
  • Valet only per night-under 6 ft 6 in USD $51 -oversized USD $56 / Day guests up to 3 hrs USD $29, 3-8 hrs USD $41 plus tax

 

Created June 17, 2019, Updated November 25, 2019