Health Information Security & Privacy Web Seminar CD
Critical steps to avoid a breach



Web Seminar Recorded Live on August 5, 2010

Your security is only as strong as your weakest link and the challenges and risks are many.

In June 2010, the California Department of Public Health (CDPH) issued $675,000 in fines to hospitals for six privacy breaches related to information security. In addition to the significant financial burdens, hospitals also risk a loss of public trust — patients expect and are entitled to have their privacy safeguarded when they seek medical care.

How can you find the weak links in your hospital’s systems and monitor against a breach of patients’ health information? What are the appropriate access controls? Do your policies align with your procedures, and are they being followed? And, when a breach happens, what actions can and should a hospital take, and what can you expect from surveyors?

This web seminar provides you with the information and tools you will need to help prevent a health information breach of security. The program is presented in three components:

The Law: A Review of What’s Required

  • State and federal laws governing breaches of health information — SB 541, AB 211, HITECH
  • Breach notification requirements — to the patients, state and federal governments
  • Personal liability of staff and physicians, the role of Cal-OHII
  • Human resource issues including role-based access and sanctions

CDPH Survey Process and Trends

  • The survey process and expectations
  • Trends and statistics, what are surveyors finding
  • Complaints vs. self-reported breaches
  • Report status and knowing when the case is closed

Steps to Assess and Enhance Your Security Systems

  • Taking stock of where you are now, identifying vulnerabilities
  • Common security gaps and how to close them
  • Developing solid and workable policies and procedures, monitoring for compliance
  • Building an incident management team, managing and using data
  • Resources, tools and checklists to evaluate your existing practices and systems
Recommended for

Chief executive officers, chief information officers, chief finanical officers, privacy officers, compliance officers, legal counsel, human resources managers, health information managers and security experts.


Kathleen Billingsley, RN, is the deputy director of the Center for Healthcare Quality within the California Department of Public Health. The Center for Healthcare Quality includes the Licensing and Certification program and Laboratory Field Services, and plays a critical role in the oversight and regulation of healthcare facilities, laboratories and providers. Prior to Ms. Billingsley’s appointment to the Department of Health Services in July 2006, she served as senior vice president of operations for Electronic Healthcare Systems from 2000-2006. Ms. Billingsley is a registered nurse.

Lois Richardson, JD, has worked for CHA for the past 18 years, primarily as legal counsel and most recently as vice president of legal publications and education. In addition to the California Health Information Privacy Manual, she is the author of numerous CHA publications including the Consent Manual, California Hospital Compliance Manual and Mental Health Law. Ms. Richardson is also the Executive Director for the California Society for Healthcare Attorneys (CSHA) providing legal education and networking opportunities for California’s healthcare attorneys.

Ali Pabrai, MSEE, CISSP, is the chief executive of, an Inc. 500 business. As an information security and regulatory compliance expert, he has successfully delivered solutions on health care information technologies to organizations across the United States. Mr. Pabrai was the creator of the successful Internet skills certification, CIW, and also established the industry’s first certification program on HIPAA – Certified HIPAA Professional (CHP) and Certified HIPAA Security Specialist™ (CHSS™). He recently launched the Certified Security Compliance Specialist™ (CSCS™) program. In addition, Mr. Pabrai is the co-creator of the Security Certified Program (SCP) — a program approved by the U.S. Department of Defense one of the industry’s most comprehensive hands-on information security certification programs.

CD File Format

Files on the web seminar CD are formatted to be viewed in Windows Media Player (.wmv). Presentation slides and supplemental materials are also included as .pdf files.

Privacy Resources