Cybersecurity in Health Care: Strategies for Mitigating Attacks and Protecting Your Organization

Virtual attacks on health care providers have more than doubled over the past five years, and show little signs of slowing. The sophistication and frequency of these attacks is growing at an alarming rate. Worse yet, the need to comply with cybersecurity regulations and data breach reporting requirements are increasing as well.

Join Foley & Lardner LLP and Moss Adams LLP in a half-day gathering to address cybersecurity concerns specific to health care executives, security/compliance officers and directors. We will address the landscape of typical attacks ranging from ransomware to data breaches, and provide you with the key elements of a cybersecurity compliance and risk management program.

• Identify common organizational vulnerabilities for security breaches. 


• Provide updates of the HIPAA and related privacy requirements in relationship to the current cyber-attacks. 


• Define the critical components of an incident management plan. 


• List the common elements of a cybersecurity compliance and risk management program. 


• Obtain sample checklists for a baseline data risk management program, addressing key areas including user education and awareness; managing user privileges; home and mobile considerations; managing data within a subcontractor; removable media controls; malware protection; monitoring; secure configuration; network security; and cybersecurity insurance.

Parking:

Complimentary valet parking is located in the City National Plaza located at 515 S. Flower Street. The entrance to this plaza can be found immediately following the 5th street light, on your right-hand side, after the large red and white 505 sign.

Once parked, take the 555 building escalators to the lobby where you will check in at the Foley check-in table.

Please note badges will be distributed when you check-in with building security and handouts will be distributed onsite. Audio or video recording of this presentation is prohibited.

Cost: Free to attend

Presenters:

Larry Vernaglia, Partner, Foley & Lardner LLP
Lawrence Vernaglia is a partner with Foley & Lardner LLP and is Chair of the firm’s nationally-ranked Health Care Industry Team. Mr. Vernaglia represents hospitals, health systems and academic medical centers and a variety of other health care providers. He represents both non-profit and for-profit/publicly traded companies in regulatory and transactional matters, including Medicare/Medicaid reimbursement compliance advice and appeals; mergers, acquisitions and financings.

Michael R. Overly, Partner, Foley & Lardner LLP
Michael R. Overly is a partner and intellectual property lawyer with Foley & Lardner LLP where he focuses on drafting and negotiating technology related agreements, software licenses, hardware acquisition, development, disaster recovery, outsourcing agreements, information security agreements, e-commerce agreements, and technology use policies.

James R. Kalyvas, Partner, Foley & Lardner LLP
James R. Kalyvas is a partner and transactional lawyer with Foley & Lardner LLP. Mr. Kalyvas advises companies, public entities, and associations on all matters involving the use of information technology, including structuring technology initiatives (e.g., outsourcing, ERP, CRM), vendor selection (RFP strategies, development and response review), negotiation, technology implementation (professional service agreements, SOWs, and SLAs), and enterprise management of technology assets. He has authored has authored articles and books relating to Big Data and cybersecurity issues, including Big Data: a Business and Legal Guide (CRS Press, 2014) and Taking Control of Cybersecurity: a Practical Guide for Officers and Directors.

Kevin Villanueva, CISA, CISSP, PCI QSA, Senior Manager, Moss Adams LLP
Mr. Villanueva has been in the information technology field since 1997 and leads the firm’s IT infrastructure and security practice. He specializes in government, not-for-profit, private entity, higher education, and health care clients. His areas of practice include IT security assessments; penetration testing; PCI DSS assessments; HIPAA compliance auditing; strategic technology planning; disaster recovery and business continuity planning; policies, procedures, and documentation development; and project management. In addition, he has designed and conducted technology assessments based on the internationally recognized ISO/IEC 27001/2, NIST, and COBIT standards, and has served as technical counsel on hundreds of technology security projects.

Program qualifies for 120 minutes CPE and 2 CLE credits.

CLE
Foley & Lardner LLP will apply for CLE credit after the program, wherever applicable. Foley & Lardner LLP is a State Bar of California MCLE approved provider. New York licensed attorneys admitted two years or less are not eligible to earn CLE credit through nontraditional formats. This program is appropriate for experienced New York attorneys only. Certificates of attendance will be distributed to eligible participants approximately 8 weeks via email.