All events are in Eastern Time (ET) unless otherwise noted in the event description.

  • Event Information

      Cybersecurity policies establish expectations for the protection of information against deliberate and accidental threats and vulnerabilities. Many organizations struggle with embedding these expectations into day-to-day operations. What's more, board and senior leadership expectations regarding cybersecurity may not always translate into viable policies and procedures. During this session, we will discuss moving toward principle-based policy governance based on widely available cybersecurity control standards. Participants will be invited to share their current experience with governance and provide feedback on the value of a principle-based approach. . List the challenges associated with defining, implementing and managing cybersecurity policies and procedures 2. Describe the traditional approach to cybersecurity policy management and its limitations 3. Explain a framework to more effectively define, organize, implement and manage organizational cybersecurity policy expectations  
  • Event Information

    Experts will discuss the current state of risks posed by medical devices and the challenges associated with getting an effective device management strategy in place. They will provide five key best practices to address the privacy, security, and patient safety issues posed by medical devices. Learning Objectives:
    1. Define the current security and patient safety risks posed by medical devices
    2. Analyze the operational challenges of managing medical device risks
    3. Identify best practices to incorporate medical devices into risk assessments and to implement a functional medical device governance structure
  • Event Information

    Incident response is changing dramatically. The approaches employed by most healthcare organizations are incredibly process-driven but not typically nimble or flexible enough to respond to the challenges presented by today’s cyberattacks. Further, the objectives and practices employed by traditional incident response do not take into account patient and life safety. New paradigm and approaches are required, and we believe that Cybersecurity Tactical Incident Response (CTIR) is the new generation of incident response. During this presentation, we will examine why traditional incident response approaches breakdown and become ineffective during fast-moving or prolonged incidents. Also, how approaches that employ protocols, immediate action drills (IAD), and minimalism are critical to not only protecting infrastructure but human life. We will also examine the core tenets of Cybersecurity Clinical Rapid Response and how this supports a CTIR program. Why integration between CTIR teams and OEM groups is vital and why FEMA certification of CTIR personnel is essential. During the presentation, we will also review case studies of incident response gone wrong and why, especially when it came to protecting patient safety. The program will also discuss the Left/Right of Bang planning cycle and how it applies to incident response.
  • Event Information

    Join as us as we dive into the myriad issues that must be considered by CIOs and others in the c-suite as healthcare data is increasingly exchanged both among and outside non-traditional healthcare settings, and as consumers become active managers of their health information. This presentation will dive into what this means for providers in an era of patient-directed data, a growing internet of things (IoT), the implications associated with artificial intelligence and machine learning, and of course the privacy and security implications associated with the new world order.  Learn what this means for compliance with the Office of the National Coordinator (ONC), the Office for Civil Rights (OCR), the Centers for Medicare & Medicaid Services (CMS), and the Federal Trade Commission (FTC) policies.

  • Event Information

    In this focus group session, we plan to discuss cloud transformation strategies for HDOs and payers - success factors and pitfalls in the planning, implementation, and operations/optimization phases. We will share what we are seeing in these areas in our client engagements and seek to learn more from the AEHIS members as they migrate workloads to the cloud.

    Learning Objectives:

    1) Find out what the 10 biggest security mistakes are when organizations move to the cloud.
    2) Learn the key success factors for planning cloud security transformation.
    3) Learn step-by-step recommendations for implementation and optimization of cloud security programs.