On January 06, 2025, the Department of Health and Human Services (HHS) issued a notice of proposed rulemaking (NPRM) to solicit comment on its proposal to modify the Security Standards for the Protection of Electronic Protected Health Information (“Security Rule”) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The proposed modifications would revise existing standards to better protect the confidentiality, integrity, and availability of electronic protected health information (ePHI).
- Removal of “addressable” specifications
- Mandatory encryption
- Multi-factor authentication (MFA)
- Technology Asset Inventory and Network Map
- Enhanced Risk Analysis
- Updated Business Associate Agreements
- Contingency Planning
The NPRM is in the public comment phase which is scheduled to complete on March 7, 2025. This webinar is intended to provide an overview of the proposed changes and to provide a perspective of how these changes could impact covered entities and Business Associates in Hawaii.
There is no cost to attend this webinar.
Target audience:
Join this webinar if you are in the healthcare sector or have an interest in how to better protect personal information stored in healthcare systems.
- Healthcare providers
- Healthcare security professionals
- Healthcare IT professionals
- Business Associates
Presenters:
Al Ogata
President & CEO,CyberHawaii
Al Ogata is the President & CEO of CyberHawaii, a local non-profit that focuses on building resiliency against cyber threats within small and midsize businesses as well as the population in general. CyberHawaii focuses on the sharing of cybersecurity information and supports educational pathways for students in the cyber security and technology arenas. Al has over forty years of experience in the information security and solution development fields. Prior to joining CyberHawaii he was the Chief Operating, Technology and Compliance Officer at the Hawaii Health Information Exchange. Prior to this he was at HMSA for 18 years, last serving as the organization’s Chief Information Security Officer (CISO), HIPAA Privacy and Security Officer and executive in charge of Business Continuity and Emergency Response. Prior to joining HMSA he worked in Silicon Valley for over 20 years at a variety of organizations ranging from two person startups to established companies like Hewlett-Packard and Wyse Technology.
Peter Lewis
Vice-President & Chief Information Security Officer (CISO)
Hawaii Pacific Health (HPH)
Peter Lewis is the Vice President & Chief Information Security Officer at Hawai‘i Pacific Health, where he is responsible for Information Technology Infrastructure and Information Security. Hawai‘i Pacific Health is a not-for-profit health care system that is anchored by its four medical centers – Kapi‘olani, Pali Momi, Straub Benioff and Wilcox, as well as more than 70 locations statewide. Prior to joining Hawai‘i Pacific Health in 2021, Peter was Vice President, Information Technology for Hawai‘i Medical Service Association (HMSA), and prior to that he served in various leadership roles at HMSA, the Queens Health Systems, and with a global Information Technology systems integrator. Peter also served as an officer in the Royal Australian Air Force, with operational deployments to the Middle East and the Asia-Pacific. He holds a Master of Science in Information Technology from the University of New South Wales, and a Master of Nuclear Science form the Australian National University. Peter is a Fellow of the American College of Healthcare Executives, and serves on several community boards to include the Pacific Fleet Submarine Museum, Boys & Girls Club of Hawai‘i, and the Laulima Data Alliance.
Sudhakar Gummadi
Chief Information Security Officer (CISO)
Hawaii Medical Service Association (HMSA)
Sudhakar Gummadi is the chief information security officer (CISO) at Hawai‘i Medical Service Association (HMSA), an independent licensee of the Blue Cross and Blue Shield Association. In this role, Gummadi provides strategic leadership for safeguarding the confidential information of HMSA members and stakeholders while enabling technology advances and business transformation.
Gummadi is a proven leader with more than 25 years of experience in cybersecurity and the healthcare industry. In 2014, Evanta, a Gartner company, awarded him a Top 25 Global CISO Leadership Award.
Prior to joining HMSA, Gummadi served as an executive cyber security adviser and consultant at Anthem Inc. Gummadi also served as vice president and CISO at Molina Healthcare, a Fortune 500 company, where he led the enterprise information security program and was named the company’s first CISO. He has extensive information security experience related to the Health Insurance Portability and Accountability Act, which sets the standard for protecting patient and member data.
Gummadi is a certified CISO executive from Carnegie Mellon University and a certified information system security professional from ISC2, the world’s leading member association for cybersecurity professionals. He holds master’s degrees in public administration and computer science.
