Exclusive Private Webcast 

Compliant with California’s Privacy & Security Mandates?

Increased CDPH & CalOHII Enforcement & Investigations

To Schedule a Private Webcast Customized to Address Your Requirements, Please Contact John Schelewitz at 1.480.663.3225 or John.Schelewitz@ecfirst.com

Webcast Summary

Join us at this exclusive briefing to examine key California regulations and information on investigations and audits by the California Department of Public Health (CDPH). There are several regulations in the area of information security that impact all organizations that processes personal information about a California resident.

No other forum is bringing together all of the California requirements and digesting critical requirements for your California-based organization. ecfirst has assembled all of the need-to-know data points for you and is presenting them in this exclusive Webcast! California is the most proactive state in the country with regards to safeguarding personal and health information. California has e4nacted legislation forcing companies to have to notify all members or citizens of California of a security breach.

In this unique Webcast we closely examine the mandatory requirements of several California security regulations including SB 1386, AB 1950, AB 1298, AB 211, SB 541 and others. New regulations not only include “personal information,” but also “medical information” and “health insurance information.” Together we will step through frameworks that may be applied to enable your organization to comply with numerous California requirements for protecting personal information.

Who should attend these sessions?

All companies that collect, store, and/or process personal, health or insurance information of California residents are affected by these regulations!

All levels of healthcare executives and administrators making strategic decisions on information technology, security, finance and operations should attend this session.

What is driving California’s security regulations?

Several factors are raising the critical need for organizations to examine their security safeguards to establish more resilient security measures.

1. A serious intent to combat medical identity theft
2. Highly publicized data security breaches of tens of thousands of patient records and well known VIPs

Enhanced penalties have been established for violations and a notification timeline has been established - so timely detection is critical.

California has expanded its security breach notification law and introduced additional requirements in the area of information security.

What questions should I be asking about information security?

• What personal information does my organization process?
• What personal information is my organization transmitting?
• What are all the regulations that impact the personal information my organization comes into contact with?
• Has my organization recently completed a thorough assessment of the computing environment to identify compliance gaps and security vulnerabilities?
• Are controls deployed to detect data breaches and incidents on a near real-time basis?
• Will I even know if there’s been a breach at my organization?
• What are my incident response and incident management procedures?

What will I learn?

• Review California’s requirements for SB 1386, AB 1950, AB 1298, AB 211, and SB 541
• Understand other State regulations including Massachusetts’ 201 CMR 17.00 and Nevada’s statute for encrypting customer personal information in transmission
• Evaluate what other organizations are doing and review emerging best practices to address State requirements
• Examine definitions of “personal information”, “encryption” and other key terminology in State regulations
• Evaluate frameworks, standards and guidance documents from the NIST, ISO and other organizations to address State security requirements

Speaker

Ali Pabrai, CISSP (ISSAP, ISSMP), CSCS

Cyber Security & Compliance Expert

ecfirst, Chief Executive

Ali Pabrai, chief executive of ecfirst, an Inc. 500 business, is a highly sought after cyber security and compliance expert.  Mr. Pabrai has successfully delivered tailored security solutions to hundreds of organizations across the United States.  He is also the author of the executive brief “Cyber Security Strategy: The 4 Laws of Information Security” and recently launched the Certified Security Compliance SpecialistTM (CSCSTM) program that addresses key compliance and security regulations, including PCI DSS, ISO 27001/27002, HIPAA, FISMA and others. Mr. Pabrai established the healthcare industry’s gold standard program on HIPAA certification with the establishment of the HIPAA AcademyTM.

Mr. Pabrai is a featured speaker and has presented opening keynote and other sessions at several conferences worldwide, including Microsoft HUG (HIMSS), HIMSS Midwest, Internet World, Comdex, NetSecure, and Information Systems Security Associations (ISSA) Conferences.  He is also a member of the U.S. FBI InfraGard.

Testimonials

“This was a great session given by a very knowledgeable individual. It has opened my eyes to how vulnerable an organization may be.”

Tammy Deras, Applications Manager

Prime Healthcare Services

“One of the best one-hour presentations I have ever witnessed. ecfirst people are true professionals, extremely knowledgeable and passionate about compliance and training.”
Michael Boanta, CEO
Boanta & Associates – Consultant for PrivateAccess.info

“Delivery and expertise on the topic matter was much more than expected…”
Jay Falck, CISSP, CSCS

Clients

Recent ecfirst clients include many hospitals, government agencies, Microsoft, McKesson, HP, Symantec and hundreds of other organizations.

Contact ecfirst – Hub for Compliance & Cyber Security

To bring this presentation to your site, or to tailor a webcast for your organization, please contact John Schelewitz at 1.480.663.3225 or at John.Schelewitz@ecfirst.com. To learn more about ecfirst and HIPAA Academy services, please visit www.ecfirst.com and www.HIPAAAcademy.Net.