Best practice, from both business and information management perspectives, requires healthcare organizations to evaluate the likelihood and consequences of compromises to the security of patient information that they acquire, maintain, or disclose.
However, as a practical matter, not all risk can or should be acted upon. To identify relevant risks, healthcare organizations are now required by HIPAA to conduct and document a formal risk assessment of their information systems. Many organizations will find this task daunting.
The typical healthcare organization has hundreds, if not thousands, of applications that maintain or process health information, information that is exchanged with large communities of users over a complex set of communications channels and protocols. The HIPAA-mandated risk analysis will require healthcare organizations to upgrade their informal and often intuitive processes for risk-related decision making about the adequacy of prospective and implemented security controls. Healthcare organizations will need to develop an institutional discipline for detailing threats and their consequences, as well as for making and justifying risk mitigation decisions. A cost-effective security program is built on the recognition that risk does not equal vulnerability: each vulnerability must be calibrated in terms of the likelihood and the business impact of a potential exploit.
The Relevant Risk conference will walk attendees through a risk analysis methodology that will help their organization achieve HIPAA security compliance cost-effectively. The conference provides training in OCTAVE, the "Operationally Critical Threat, Asset, and Vulnerability Evaluation" risk analysis methodology developed by the Software Engineering Institute at Carnegie Mellon University. OCTAVE has been successfully implemented at both large and small organizations, and guides information security risk mitigation for the Dept. of Defense's healthcare operations.
The OCTAVE training is designed around a number of case studies from an actual healthcare organization and is presented in a workshop format to allow attendees ample opportunity to interact with their peers from other healthcare organizations.
The conference supplements the OCTAVE training with presentations from leading healthcare and security experts on some of the more difficult aspects of health information security.
By the end of the conference, attendees will have acquired sufficient information, and learned enough from the experience of others, to initiate their own HIPAA security risk analysis.
Tunitas Group is a consulting firm specializing in information technology and its applicability to improving healthcare operations.
Impruve is an authorized OCTAVE licensee that provides quality security solutions to organizations.