Pirates of the PHI: Identifying & Responding to a Cyber Attack According to HIPAA Best Practices | Sessions

Search Schedule

Concurrent Session
Pirates of the PHI: Identifying & Responding to a Cyber Attack According to HIPAA Best Practices
In-Person Monday 06/12/2023 07:30 AM - 08:30 AM   Add to calendar

Competencies: Business (Behavioral), Leadership (Behavioral), Workplace (Technical) | Intended Audience: Mid-Level
Workplace Application:
Attendees will learn how to develop, implement, and administer a cyber crime risk mitigation strategy to respond to cyber crime. 

Cyber crime is costly and its effects can permeate throughout an organization for years following an attempted or successful cyber attack. Employee benefits plans are particularly at risk for certain types of cyber crime activities, due to their large transactional volumes and the relative value of their portfolio of assets, both in the retirement and health and welfare contexts. While almost no defensive strategy will create a perfectly impermeable employer, there are proactive steps that can be taken by an employer to mitigate the opportunity for, and the effects of, cyber crime. The Health Insurance Portability & Accountability Act ('HIPAA'), along with other privacy-related laws and regulations, offer a roadmap to building an employer's cyber defensive strategy. In this program, participants will learn methodologies used to analyze and respond to an attempted or successful cyber attack according to HIPAA best practices.

Learning Objectives:

  • Understand the four primary rules espoused under the law of HIPAA that coalesce to create an employer's cyber crime defensive strategies;
  • Understand the prevalence and opportunity for cyber crime directed at private organizations, particularly respecting human resources operations and employee benefit plan administration activities;
  • Understand and apply the principles of HIPAA respecting risk evaluation and risk mitigation opportunities, both as responsive and proactive tactics to mitigate cyber crime activities;
  • Understand and prepare required participant, federal secretary, media, and workforce notices of breach arising upon instances of breaches of protected health information compromised as the consequence of a successful cyber crime attack or campaign of attack; and,
  • Develop and implement an organizational contingency plans to respond to, and to proactively mitigate, the effects of cyber crime activities.

In-person session offerings are on a first-come, first-served basis.

To view all event accessibility & accommodations details visit here.

If a speaker has provided session materials, please visit https://presentations.shrm.org

Jason Nathaniel Sheffield Photo
Jason Nathaniel Sheffield, National Director of Compliance,
Baldwin Risk Partners