PCI Readiness Series
Overwhelmed by PCI? This webinar series will help you understand the whole standard and give tips and best practices for overcoming obstacles with PCI compliance.
Road to HIPAA Compliance Series
Ready for HIPAA compliance enforcement? Join the experts down the road to compliance and prepare for even the most challenging aspects of HIPAA compliance.
CFPB Readiness Series
CFPB requirements are being enforced. Are we ready? Learn the basics of building a CMS, managing vendor compliance, drafting policies & procedures, and more.
Chief Compliance Officer Series
Do you understand your role as Chief Compliance Officer? Define your role and responsibilities and learn compliance analytics, internal audit development and more.
Vendor Compliance Management Series
Join our Compliance Specialists as they define the required elements of your vendor compliance management program and discuss how to get started.
Information Security Management Series
This series lays the groundwork for data management and security using risk assessment, elements of an info-sec policy, and components for developing your security program.
Compliance is Never Enough Series
A common misconception, “I’m compliance, so I must be secure”. This 4-part series focuses on best practices for fully developing your security program.
Risk Management 101
Looking for a step-by-step approach to performing a HIPAA Risk Analysis? This series takes a detailed look at planning, conducting, and using your risk analysis.
Encryption & Key Management
/0 Comments/in Compliance Is Never Enough Series, Webinars /by Jenna KerstenThe purpose of this presentation is to give you a foundation of understanding about encryption. This webinar will not delve into the math involved, but rather, you will learn about the different types of encryption, key management basics, algorithm uses, and encryption attacks.
Using Your Risk Analysis
/0 Comments/in Risk Management 101 /by Jenna KerstenCompleting a comprehensive HIPAA risk analysis is a big achievement and puts you in rare company…but you’re not done yet. At the end of your risk analysis, your organization should be asking: What are we doing to do with this risk? Has management reviewed this and agreed? How can we use this information to improve? A mature risk management program doesn’t ask, “Do we have to do this again?” Instead, your risk management program should incorporate an ongoing, integrated risk analysis. In this webinar, Mark Hinely will discuss five steps to take in order to use the results of your risk analysis: internal reporting, management responsibilities, corrective actions, monitoring, and auditing.
Hardening and System Patching
/0 Comments/in Compliance Is Never Enough Series, Webinars /by Jenna Kersten75% of the assessments that we do will generally have a finding regarding patching. So, what’s missing? What can we do to change that? In this webinar, Jeff Wilder, Director of PCI Services at KirkpatrickPrice, discusses best practices for patch management programs, best practices for vulnerability management and identification programs, false assumptions about patching, risk ranking, and tools that he recommends using.
Conducting Your Risk Analysis
/in Risk Management 101 /by Jenna KerstenIn this webinar, Mark Hinely will discuss planning a HIPAA risk analysis. The goal of this presentation is to teach the process of determining risks that are common for HIPAA risk considerations.
Moving from SSAE 16 to SSAE 18
/in Webinars /by Jenna KerstenWhy the change from SSAE 16 to SSAE 18? Convergence with international standards is driving this change. There have been changes on the International Statement on Attestation Engagements (ISAE) side, and in the U.S, the Auditor Standards Board (ASB), desires to converge its standards with the international community’s changes. The corresponding standard to SSAE 18, which is a U.S. only standard, relates to the new ISAE 3000.
Firewall and Router Management
/in Compliance Is Never Enough Series /by Jenna KerstenThis webinar is not going to provide you with specific instructions on how to configure your individual devices. However, it will provide you with the individual attributes that you need to consider when developing your router and firewall security program. In this webinar, we will focus on discussing physical devices, running operating systems, and secure traffic rules.
Planning Your Risk Analysis
/0 Comments/in Risk Management 101, Webinars /by KirkpatrickPriceWhat Does A Complete Risk Analysis Planning Process Look Like? In this session, we’ll discuss the five key elements of planning a HIPAA risk analysis.
Road to HIPAA Compliance: Trends in Enforcement Activity
/0 Comments/in Road to HIPAA Compliance, Webinars /by KirkpatrickPriceIn this webinar, Joseph Kirkpatrick and Mark Hinely discuss historic and current trends in OCR enforcement activity. 2016 has been a a record year for enforcement – and the year isn’t even over yet. These trends are the most direct way that the OCR can tell us what or where they’re looking. Mark Hinely has chosen 4 cases that represent 2016 enforcement activity trends: UMass Health, St. Joseph Health, Advocate, and University of Mississippi Medical center. Each of these organizations had breaches that led to massive penalty fines and extensive corrective actions. Advocate’s multiple breaches led to a $5.5 million fine, making it the largest ever. The trends we’re discussing deal with failure to conduct risk analysis and risk management, failure to create and implement effective policies and procedures, and failure to offer proper training to the workforce.