NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Insert Description Here.

prEsENtatioNs - 2011 HIPAA

Updated: 3:30pm Wed., May 11

NOTE: All presentations posted are in PDF format. Also note, when you click on the link to a presentation, the presentation will open up in a new browser window and this page will be in the background. If you wish to save the PDF file to your system, simply place your mouse cursor over the link, with your mouse right click and it should bring up an option window and select "Save File As" or "Save Target As" and then choose the directory such as your desktop to save the presentation to your system.

Tuesday, May 10 (Day 1):

9:00-9:30 Welcome and Logistics
David Holtzman, OCR and Kevin Stine, NIST

9:10-9:25 Leadership Remarks
Sue McAndrew, Deputy Director for Health Information Privacy, OCR
Donna Dodson, Division Chief of the Computer Security Division and Deputy Cyber Security Advisor, NIST

9:25-10:00 Health IT Policy Committee Privacy & Security Workgroup Recommendations for Privacy & Security of HIE
Deven McGraw, Director of the Health Privacy Project at the Center for Democracy & Technology (CDT) and Co-Chair of the HIT Policy Committee Privacy and Security Workgroup ("Tiger Team")

10:00-10:45 OCR Regulatory Updates
Sue McAndrew, Deputy Director for Health Information Privacy, OCR

11:00-11:45 National Strategy for Trusted Identities in Cyberspace (NSTIC)
Mike Garcia, NIST

11:45-12:30 Beyond HIPAA: FTC Proposed Privacy Framework
Loretta Garrison, Federal Trade Commission


1:30-2:15 Effective Tips for Implementing a Successful Privacy & Information Security Program
Alex Eremia, Vice President, Deputy General Counsel and Chief Privacy Officer, MedStar Health
Shallie Bryant, Corporate Privacy Manager, MedStar HealthTechnical

2:15-3:00 Privacy and Security: The Role of Regional Extension Centers (RECs)
Nathan Gibson, HIT Privacy and Security Officer, WVMI/QI
Nicholas Heesters, HIT Privacy and Security Specialist, QID
Adam Kehler, HIT Privacy and Security Specialist, QIP
Laurie Fink, Communications Specialist, WVMI/QI

3:15-4:00 Risk Analysis in the Multiple-Site Practice Setting
Marian Hughlett, Privacy Officer, University of Louisville
Robin Wilcox, Instructional Compliance Officer, University of Louisville

4:00-4:45 Securing Health Information in the Cloud
Feisal Nanji, Executive Director, Techumen


1:30-2:15 Identity Proofing and NIST SP 800-63: Applications in Healthcare
Dr. Alex Barclay, Director of Analytic Consulting, Fraud and Identity Solutions, Experian Decision Analytics
Nick Piazzola, Sr. Director, Government Authentication Solutions, Symantec

2:15-3:00 Trends for the Mobility-Enabled Healthcare Enterprise and Security Threats, Vulnerabilities, and Countermeasures
Ilene Yarnoff, Principal, Booz Allen Hamilton
Brenda Ecken, Principal, Booz Allen Hamilton

3:15-4:00 Security Considerations for Enabling State, Regional, and National-level HIE
Eric Heflin, Director of Standards and Interoperability, Medicity

4:00-4:45 ONC Health Information Technology Security Pilot
Roxanne Everetts, Information Assurance Research Fellow, LMI
Matthew Smith, Software Engineer, G2


Wednesday, May 11 (Day 2):

9:00-9:15 Welcome and Logistics
Kevin Stine, NIST
David Holtzman, OCR

9:15-10:30 Medical Device Security
Moderator: Dr. Dale Nordenberg, Medical Device Innovation, Safety, and Security Consortium
Bakul Patel, Policy Advisor, FDA Center for Devices and Radiological Health (CDRH)
Kevin Faulkner, Trend Micro
Michael Taborn, Intel
Steve Abrahamson, GE Healthcare

10:45-11:30 Network Security, Incident Management, and Insider Threats in the Healthcare Industry
Randy Trzeciak, Carnegie Mellon SEI Insider Threat Team

11:30-12:15 OCR Enforcement Activities
Sue McAndrew, Deputy Director for Health Information Privacy, OCR
David Holtzman, Health Information Privacy Specialist, OCR


1:15-2:00 Practical Medical Device Security
Lynette Sherrill, Deputy Director, Health Information Security Division, Department of Veterans Affairs
Megan Friel, Biomedical Engineer, VHA Healthcare Technology Management Program Office

2:15-3:00 Breach Avoidance: The Only Meaningful Safe Harbor Strategy
Mac McMillan, Cynergistek

3:00-3:45 Breach Risk of Harm Assessment
Harry Rhodes, American Health Information Management Association


1:15-2:00 Strategies for Hardware Enabled Security
David Houlding, Healthcare Security & Privacy Lead Architect, Intel

2:15-3:00 NIST HIPAA Security Rule Toolkit
JP Chalpin, Exeter Government Services

3:00-3:45 Encryption Strategies for Protecting Health Information
Matt Scholl, NIST