This presentation is a recording of a webinar given on 6/10/2020 by Clearwater’s Senior Vice President of Product Innovation, Jon Stone.
Overview
The HIPAA Security Rule, as well as NIST and other standards, stipulates that risk analysis and risk management should be an ongoing process, not a once-and-done exercise. The Office for Civil Rights “Guidance on Risk Analysis Requirements Under the HIPAA Security Rule” is based on NIST SP 800-30, Guide for Conducting Risk Assessments, and further emphasizes the requirement for continuous, ongoing Cyber Risk Management.
With healthcare data, systems and devices exploding across the care delivery network and cyber-attacks growing in number and sophistication, healthcare organizations have to make assessing and managing their cyber risks an ongoing process. Monitoring organizational information systems and environments of operation will help to verify compliance, determine effectiveness of risk response measures and identify risk-impacting changes.
Continuous monitoring is the only way to maintain situational awareness of organizational and system security posture in support of risk management. This webinar will provide the key elements to successful and effective monitoring of your Cyber Risk Management program.
Mr. Stone addresses key topics, including:
- Where monitoring fits into the System Development Lifecycle
- The essential steps of Information System Continuous Monitoring
- The types of changes included in continuous monitoring
- The importance of effectiveness monitoring