NEWPORT BEACH, CALIFORNIA, USA – June 2, 2010: The HITECH Act, the HIPAA Security Rule, State regulations, PCI DSS, FACTA and other mandates require covered entities and business associates to “reasonably and appropriately” secure sensitive information such as PHI or EPHI. Further, organizations need to establish that “reasonable and appropriate” steps have been implemented to manage all such sensitive and confidential patient or client data.
In this ecfirst Webcast, step through how to apply NIST Standards and guidelines to address critical compliance mandates for regulations such as HIPAA and HITECH, as well as State requirements.
Register for this complimentary webcast at www.ecfirst.com. The webcast is scheduled for June 8 at 10:30 am Central (8:30 am Pacific).
Organizations are increasingly considering applying NIST Standards to comply with national regulations such as HIPAA and HITECH and standards such as PCI DSS. NIST Standards and Guidance documents may be applied to develop policies, plans and procedures for security capabilities and controls.
Learning Objectives:
- Understand how NIST Standards provide best practice recommendations on information security management, risks and controls.
- Examine how to apply NIST standards to address critical national and international privacy and security requirements.
- Step through NIST guidelines to address security challenges for disaster recovery and contingency planning.
- Apply NIST Standards to address data breach and security incident management.
- Identify critical policies and procedures, including security plans, that organizations must develop and update, to establish a baseline for controls and countermeasures.
Detailed Description of Webcast
Your organization may be impacted by regulations such as the Payment Card Industry’s (PCI) Data Security Standard (DSS), European standards or U.S. Federal (HIPAA, HITECH, FISMA) and State requirements. An important reference and an excellent framework in the world of information security are the NIST Standards and Guidance publications.
Organizations are increasingly considering applying the U.S. NIST Standards to comply with national regulations as well as standards such as the PCI DSS. NIST Standards may be applied to develop policies, plans and procedures for security capabilities and controls.
We describe why NIST guidance documents and standards are valuable references for the development of critical policies and procedures, including security plans that organizations must develop and update to establish a baseline for controls and countermeasures.
We step through how NIST Standards provide best practice recommendations on information security management, risks and controls within the context of an overall Information Security Management System (ISMS). We then examine how to apply NIST standards to address critical national privacy and security requirements. The NIST guidelines are terrific references to address security challenges for disaster recovery and contingency planning. We analyze how organizations are applying NIST Standards to address data breach and security incident management.
50% Off Policy Templates – Exclusive for Webcast Attendees
All Webcast attendees are eligible for a one-time 50% discount off any published ecfirst or HIPAA Academy policy template available at the Resource Center at www.ecfirst.com. This promotion is valid through June 30, 2010. Contact John Schelewitz at John.Schelewitz@ecfirst.com for more information.
Intended Audience
- Chief Information Security Officer (CISO or ISO)
- Chief Information Officer (CIO)
- Chief Technology Officer (CTO)
- Director of Information Technology
- Compliance Officer
- Security Analyst
- IT and Security Professionals
ecfirst Testimonials
“This was a great session given by a very knowledgeable individual. It has opened my eyes to how vulnerable an organization may be.”
Tammy Deras, Applications Manager
Prime Healthcare Services
“One of the best one-hour presentations I have ever witnessed. ecfirst people are true professionals, extremely knowledgeable and passionate about compliance and training.”
Michael Boanta, CEO
Boanta & Associates – Consultant for PrivateAccess.info
“Delivery and expertise on the topic matter was much more than expected…”
Jay Falck, CISSP, CSCS
Speaker
Ali Pabrai, CISSP (ISSAP, ISSMP), CSCS
Cyber Security & Compliance Expert
ecfirst, Chief Executive
Ali Pabrai, chief executive of ecfirst, an Inc. 500 business (2004), is a highly sought-after cyber security and compliance expert. Mr. Pabrai has successfully delivered tailored security solutions to hundreds of organizations worldwide. He is also the author of the forthcoming book, Precision Security, and recently launched the Certified Security Compliance Specialist™ (CSCS™) program that addresses key compliance and security regulations, including PCI DSS, ISO 27001/27002, HIPAA, FISMA and others. Mr. Pabrai established the healthcare industry’s gold standard program on HIPAA certification with the HIPAA Academy™.
Mr. Pabrai is a featured speaker and has presented opening keynote and other sessions at several conferences worldwide, including Middle East Healthcare Congress, Microsoft HUG (HIMSS), HIMSS Midwest, Internet World, Comdex, NetSecure, and Information Systems Security Associations (ISSA) Conferences. He is also a member of the U.S. FBI InfraGard.
ecfirst Brings Deep Experience & Expertise with HITECH, HIPAA & U.S. State Regulations
ecfirst, home of the HIPAA Academy, is the gold standard for HIPAA and the HITECH Act with its comprehensive array of services that include policy templates, quick reference cards, training, certification and consulting. The ecfirst deep consulting expertise is embodied in its signature methodology, BizShield™, which enables organizations to comply with HIPAA and HITECH Act mandates. The ecfirst BizShield™ methodology specifically includes the following core components:
- A 2-day in-depth certification program, Certified HIPAA Professional (CHP), that addresses HIPAA Privacy, HIPAA Security, the HITECH Act and a lot more
- A 2-day in-depth certification program, Certified Security Compliance Specialist™ (CSCS™), that addresses ISO 27000, PCI DSS, HIPAA, HITECH, FISMA and a lot more
- HIPAA/HITECH Security Policy Templates that can easily be tailored to enable your organization to establish a comprehensive library of policies that meet compliance mandates
- The industry’s first ISO 27002/HIPAA Security Rule Mapping Framework document
- Managed Compliance Services Program (MCSP) for HIPAA/HITECH that enables your organization to leverage deep ecfirst HIPAA/HITECH expertise and yet pay a fixed monthly fee for a 36-month period and access a range of compliance services
Clients
ecfirst clients in 2010 include hundreds of hospitals, government agencies, Microsoft, Cerner, HP, and many organizations.
Contact ecfirst – The Gold Standard for HITECH and HIPAA
To bring this presentation to your site, or to tailor a webcast for your organization, please contact John Schelewitz at +1.480.663.3225 or at John.Schelewitz@ecfirst.com. To learn more about ecfirst services, please visit www.ecfirst.com.