The seventh annual "Safeguarding Health Information: Building Assurance through HIPAA Security" conference will be held September 23-24, 2014, in Washington, D.C. The meeting is co-hosted by the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services' Office for Civil Rights (OCR).
The conference will explore the current health information technology security landscape in the context of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The Security Rule sets federal requirements for protecting the confidentiality, integrity and availability of electronic protected health information by requiring HIPAA covered entities and their business associates to implement and maintain administrative, physical and technical safeguards.
This event will highlight the present state of health information security and practical strategies, tips and techniques for implementing the HIPAA Security Rule.
Conference sessions will explore security management and technical assurance of electronic health information. Presentations will cover topics that include updates on the Omnibus HIPAA/HITECH Final Rule, breach management, strengthening cybersecurity in the health care sector, integrating security safeguards into health IT, managing risk and securing mobile devices.
NIST provides ongoing expertise in risk management, security and standards for federal agencies and has been involved in health information technology research since 1994. NIST is responsible for accelerating the development and harmonization of standards and developing conformance test tools for health information technology.
OCR enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information; the HIPAA Security Rule; the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety; and the breach notification regulations requiring HIPAA-covered entities and their business associates to notify individuals when their health information is accessed without authorization.
For those who cannot attend in person, the conference is being webcast. Registration instructions, current agenda and conference logistics are available online. All registrations include access to archived webcast presentations and materials.