Why Your Vendors Are Your Biggest HIPAA Privacy Risk

In the past, healthcare organizations have paid lip service to HIPAA’s privacy requirements for third-party vendors, or “business associates.” As data breaches and malware continue to cripple healthcare institutions, many are realizing that their weakest links may be out of their control and in their vendors’ hands. How can you be assured that your ePHI data is in safe hands? By asking the right questions. Industries like finance, insurance, and energy have managed third-party risk programs for years. In this webinar, learn how industry best practices can be incorporated not only to meet HIPAA requirements but also to give you the visibility to manage external risk to your healthcare organization.

The session will cover:
• Managing the risk of your Business Associates (and the risk of their Business Associates)
• Case Studies: Vendors as a common source of breaches
• What you should be doing before you sign off on the Business Associate Agreement
• Work smarter, not harder: How to drive a cost-effective and OCR-compliant process.
Recorded Jun 26 2019 46 mins
Presented by
Kathleen Randall, EVP North America, CISSP, CISA, GSNA, and Ben Dalton, Senior Technical Consultant

  • Looking Forward: What to Expect With PCI 4.0 Nov 5 2019 5:00 pm UTC 45 mins
    Ben Dalton, Senior GRC Technical Consultant & Craig Moores, Risk Advisory Practice Director
    Compliance professionals around the world are eagerly awaiting more information about PCI’s latest release to the Data Security Standards: PCI DSS 4.0. During this 30-minute webinar, we will review the timeline of the 4.0 release, discuss findings from the 2019 RFC period draft release, highlight key changes that are coming with the revised framework, and discuss how SureCloud will help clients navigate these changes.

    Key Takeaways:
    • Overall Timeline for 4.0
    • Draft Version & Request for Comment (October - November 2019)
    • Changes to PCI DSS that are coming soon
    • How SureCloud will empower clients to adapt to these changes

    Ben Dalton has spent the majority of his career in the IT security & GRC industry, both on the product side and as a practitioner. At the Walt Disney Company, Ben implemented processes and technology to help streamline and automate the PCI compliance program at Disney Parks & Resorts.

    Craig is responsible for SureCloud’s Risk Advisory Practice including engagement scoping, consultancy delivery and client relationships. Craig has experience in leading and delivering complex cyber security solutions aligned to strategic business objectives. Craig has broad cyber security experience including a strong technical, software development and project management background, with particular strengths in the areas of information risk management, PCI DSS, strategic planning and business auditing.
  • How To Choose The Right Technology For Your IRM Program Recorded: Sep 12 2019 37 mins
    Speakers: Kathleen Randall, EVP North America and Alex Brown, Product Director, SureCloud
    Confused about Integrated Risk Management (IRM)? Want to understand why IRM is different from GRC? Need some help using Gartner’s IRM Solutions Magic Quadrant to select suitable solutions?

    Join Kathleen and Alex as they discuss the fundamentals behind Integrated Risk Management and give you a glimpse into the latest Gartner IRM Solutions Magic Quadrant showing how to use the research to short-list suitable vendors based on your requirements.

    Key takeaways from the webcast include:

    • What is IRM and who is the audience
    • IRM Gartner Magic Quadrant 2019 revealed
    • How to apply Magic Quadrant scoring to your tool evaluation
    • Gartner’s take on SureCloud

    Kathleen Randall is responsible for SureCloud’s North America division, including sales, marketing, services, and customer support. Kathleen was most recently a Senior Manager in Dell Technologies’ RSA Archer GRC division, responsible for business strategy planning and market analysis. Prior to joining RSA, she was at Trustwave (acquired ControlPath GRC) and Deloitte. Kathleen’s risk management experience includes cybersecurity, outsourced internal audit and attestation service experience in both IT and business processes. She has earned her CISSP, CISA and GSNA certifications.

    Alex Brown oversees the definition and delivery of all SureCloud’s product solutions across both GRC and Cybersecurity. Alex previously held senior product management positions at US-based technology companies Veritas Technologies and Symantec, where he helped bring numerous information management, software, and SaaS solutions to market across EMEA, the Americas and Asia Pacific.
SureCloud USA
SureCloud is a true SaaS provider of Integrated Risk Management and Privacy Management solutions, purpose-built for the organization looking to get away from managing their compliance and risk programs with manual methods, spreadsheets and SharePoint. SureCloud drives teams to increase effectiveness, efficiency and collaboration through process automation, while providing management with maximum visibility through reports that offer peace-of-mind and enterprise risk awareness.

The company has an extensive customer base spanning a variety of different industries and geographies. With that cross-industry expertise, SureCloud has created an out-of-the-box risk, compliance and privacy solution for healthcare payors, providers and healthcare vendors. If you have a small team, you may also benefit from SureCloud’s managed GRC service, which allows practitioners to focus on the analysis and high-value work, rather than worrying about system administration or configuration.

  • Live at: Jun 26 2019 4:00 pm