March 2018

March 2018

Sponsor: NCC Group

Speaker: Vic Bhatia, Regional Director for the RMG practice at NCC Group

Title: HITRUST CSF – Introduction, Critical Success Factors, and Key Gotchas

Abstract:  HIPAA is not prescriptive, which makes it open to interpretation and difficult to apply. Organizations must necessarily reference additional standards for guidance on how to implement the requirements specified by HIPAA. It is also not the only set of security requirements healthcare organizations need to address (e.g., PCI, state, business partner requirements etc.).

The Health Information Trust Alliance (HITRUST) exists to ensure that information security becomes a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. It has developed a CSF framework that addresses specific challenges such as concern over current breaches, numerous and sometimes inconsistent requirements and standards, compliance issues, and the growing risk and liability associated with information security in the healthcare industry. Organizations can use this CSF framework to create, access, store, or exchange Protected Health Information (PHI) safely and securely.

This presentation will give an introduction to the HITRUST CSF framework and how to implement it; and also, an overview of some of the critical success factors and ‘gotchas’ that NCC Group has encountered in its work as a HITRUST CSF Assessor.

BIO: Vic’s background is industry operator turned consultant. Earlier on in his career, Vic was the CISO of a global Fortune 500 company. He subsequently switched to consulting about 10 or so years ago; leveraging his  C | CISO leadership experience and board-level management skills to assist clients in the areas of information security, enterprise risk management, business continuity, compliance and governance.

Vic’s area of expertise is working with companies where “security fatigue” has set in – and executives are questioning the vision, value-add, execution, and ROI for security. Vic is a trusted advisor to the board and CISO-coach to “right-size”, align and fix under-performing security programs.

Vic is also a frequent speaker at various conferences and seminars, and the author of an upcoming book “CISO Essentials: Your First 90 Days”.

Lunch is $15 for non members, cash or check only.

Professional Credit: 1.5 CPE