The National Institute of Standards and Technology (NIST) is co-hosting the fifth annual Safeguarding Health Information: Building Assurance through HIPAA Security conference on June 6 and 7, 2012, at the Ronald Reagan Building and International Trade Center. The conference is hosted in conjunction with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR).
The Health Insurance Portability and Accountability Act (HIPAA) Security Rule specifies federal standards to protect the confidentiality, integrity and availability of protected health information in electronic record systems. The rule requires entities covered by HIPAA regulations, such as health care providers, health care plans and their business associates to implement and maintain administrative, physical and technical safeguards for their information systems.
The conference is an opportunity for HIPAA security rule implementers; security, privacy and compliance officers; assessment teams and audit staff in health care providers to explore current issues in health information security and to discuss practical strategies, tips and techniques for implementing the HIPAA Security Rule.
Specific sessions will cover a variety of current topics, including updates on HHS health information privacy and security initiatives, OCR's enforcement of health information privacy and security activities, integrating security safeguards into health IT, safeguards to secure mobile devices, and removing sensitive data from the Internet.
NIST provides ongoing expertise in risk management, security and standards for federal agencies and has been involved in health information technology research since 1994. NIST is responsible for accelerating the development and harmonization of standards and developing conformance test tools for health information technology.
OCR enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information; the HIPAA Security Rule; the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety; and the Breach Notification regulations requiring HIPAA-covered entities and their business associates to notify individuals when their health information is breached.
For those who cannot attend in person, the conference is being webcast. Registration instructions, current agenda and conference logistics are available online.