Skip to Page Content

Event Details

    2018 June: Healthcare Data Security and Compliance – Expectations of Business Associates

    Date: June 12, 2018, 11:15am – 1:00pm
    Crowne Plaza
    See Cvent Registration Details
    Event Type:
    iCal link
    Add to Calendar



    Healthcare Data Security and Compliance – Expectations of Business Associates

    Due to dramatically increased Governmental regulation, Covered Entities, and Healthcare Vendors are increasing pressure on the Business Associate Supply Chain to beef up their cyber security and information protection and requiring evidence of compliance with the HIPAA Security and Privacy Rule.
    The reality of HIPAA being Law is upon us and time is up from the OCR’s perspective for getting ready, breaches are continuing to occur and fines will continue to be levied to covered entities and business associates alike. What we do about it to protect our organizations, clients and stakeholders is up to us.
    This session is intended to shine a light on what we as business associates must do to recognize our “Chain of Trust” obligations. We will answer the Question: Who Is A Business Associate? And what should Business Associates be doing to implement effective and adequate security & privacy programs while creating a defensible position from an audit perspective.
    Discuss how despite the rapid evolution the industry is experiencing on many fronts, entities that build a culture around information security, implement a security plan and stay the course are rewarded over time.
    This session will explore how business associates, small to large, can get their arms around a risk management program to help ensure the protection of health information.


    James “Jay” Harmon

    Managing Director and Co-Founder of BorderHawk, a critical infrastructure focused boutique cyber security firm.
    35+ years in Business, Operation and Technology
    30+ years in Healthcare
    Current/Past Member: HIMSS, ISACA, HFMA, HCCA, Infraguard
    Presenter Bio(s)
    Managing Director, BorderHawk, Information Security & Governance
    Contract, Chief, Information Security Officer, CloudVault Health, creating a patented agent based suite of services designed to Discover, Classify, Report, Protect and Share highly protected highly regulated information. (e.g., ePHI, PII, PCI data)
    On Call CISO, IronShore, Cyber Liability Insurance Underwriting, Providing information security program reviews via structured interviews with leadership teams of IronShore cyber liability policy holders.
    Information Security, Privacy & HIPAA Compliance Subject Matter Expert, IBM Global Services, contracted to oversee development of the Data Security & Privacy Plan in support of Teva Pharmaceuticals Inhaler Application iOS based global rollout onto the Watson Health Cloud Infrastructure.
    Information Security Project Manager, VISA Global Information Security Group
    Virtual Desktop Deployment Key Security Controls Assessment & Professional Services,
    Director, SouthEast Region, Cynergistek, Healthcare Information Consulting Company
    Vice President of Operations, MD Datacor, Phase III, Clinical Trial Patient Recruitment
    General Manager and Executive Vice President, Alpha Data Systems, Physician Practice Management Services,
    Florida Department of Professional Regulation, Senior Management, Professional Licensure Accreditation of 1.8M individuals, Architected development of ELVIS, the Electronic Licensure Verification Information System
    Managing Partner, Governance, Risk & Compliance Solutions
    Professional Experience:
    Information Security and Privacy Risk Assessments; Information Security Program Management; Business Analysis and Strategic Planning; IT Strategy, Turnaround, and Transformation; Change Management; Organizational Communications; Business Continuity and Disaster Recovery Planning; Documentation and Training; Issue Resolution Management; Business Process Re-Engineering; Information Risk Analysis; Project Management; Plan B & C Project Recovery; RFP Development; System Development Methodology; Web Applications Development & Security
    Speaking and Presentations:
    Certified Facilitator - Georgia CyberSafety Initiative (GaCSI) Cyber Safety course
    Provide presentations covering current social media/internet related bullying and policies that reflect cyber safety information as required by the Children’s Internet Protection Act(CIPA), the Georgia Bullying Law (O.C.G.A. 20-2-751.4) and the Broadband Data Improvement Act (S. 1492). Course Discusses: Personal information; Cyber safety risks and misuses; Targeted youth; Devices; Web 2.0 trends; Gaming and virtual life trends; Tools and strategies; Legal issues
    Cyber Security Regulatory Compliance – What Complying with Regulatory Mandates Looks Like: Focus on HIPAA, PCI, GLBA, Federal and State Attorney General developed Information Security Mandates and describes the Information Security related activities that must be done to provide evidence to an Auditor on an organizations Compliance efficacy.