Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

EVENTS

Safeguarding Health Information: Building Assurance through HIPAA Security 2024

Name: Safeguarding Health Information: Building Assurance through HIPAA Security 2024
Start: 2024-10-23T00:00:00-04:00
End: 2024-10-24T23:59:00-04:00
Location: Hubert H. Humphrey Building 200 Independence Avenue S.W. Washington, D.C., 20201

conference

October 23 - 24, 2024

Hubert H. Humphrey Building
200 Independence Avenue S.W.
Washington, D.C., 20201

[UPDATE 9/3/2024] In-Person registration is now closed. We have reached the capacity for the venue. Virtual registration is still open.

Registration Fees:

The registration fee for in-person is $180.00 and includes all-day beverage service, morning and afternoon snacks, and lunch each day.

The virtual registration fee is $50.00.

The virtual link will be sent out on Monday, October 21st

All paid participants will receive a link to the on-demand recording within two weeks of the event.

Technical Contact:

Jeffrey Marron
jeffrey.marron [at] nist.gov (jeffrey[dot]marron[at]nist[dot]gov)

Registration Contact

Crissy Robinson crissy.robinson [at] nist.gov (crissy[dot]robinson[at]nist[dot]gov)

Safeguarding Health Information: Building Assurance through HIPAA Security 2024

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory (ITL) are pleased to announce the return of the Safeguarding Health Information: Building Assurance through HIPAA Security conference. After a 5-year absence, the conference is returning to Washington D.C. on October 23-24, 2024 at the HHS Headquarters.

The conference will explore the current healthcare cybersecurity landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This event will highlight the present state of healthcare cybersecurity, and practical strategies, tips and techniques for implementing the HIPAA Security Rule. The Security Rule sets federal standards to protect the confidentiality, integrity and availability of electronic protected health information by requiring HIPAA covered entities and their business associates to implement and maintain administrative, physical and technical safeguards.

The conference will offer sessions that explore best practices in managing risks to and the technical assurance of electronic health information. Presentations will cover a variety of topics including managing cybersecurity risk and implementing practical cybersecurity solutions, understanding current cybersecurity threats to the healthcare community, cybersecurity considerations for IoT in healthcare environments, updates from federal healthcare agencies, and more.

CEU/CLE Credits

NIST does not provide certificates of attendance or any specific information regarding CEUs/CLEs. Attendees are always welcome to self-report to their authoritative certification bodies to request CEUs/CLEs.

AGENDA: The full conference agenda for October 23 – 24 is below. All times listed are in U.S. Eastern Daylight Time (EDT). Please note, sessions or speakers/panelists may change or be withdrawn at any time with no notice.

Wednesday October 23

9:00am – 9:05am: Welcome/Introduction
- NIST Applied Cybersecurity Division Chief Julie Chua
9:05am – 9:10am: Logistics/Deputy Secretary Palm Intro
- HHS OCR Deputy Director Tim Noonan
9:10am – 9:30am: Cybersecurity in Healthcare Keynote
- HHS Deputy Secretary Andrea Palm
9:35am – 10:10am: Healthcare Cybersecurity Threat Briefing
- HHS Cyber Security Operations Cyber Threat Intelligence Branch Chief Rahul Gaitonde
10:15am – 10:45am: FTC Policy and Enforcement Updates
- FTC Attorney Division of Privacy and Identity Protection Ryan Mehm
10:45am – 11:00am Break
11:00am – 11:25am: Medical Device Cybersecurity
- FDA Senior Cyber Policy Advisor Division of Medical Device Cybersecurity Jessica Wilkerson
11:25am – 12:10pm: Medical Internet of Things and IoT Cybersecurity
- Moderator: NIST Cybersecurity for IoT Director Kat Megas
- Panel:
  - FDA Senior Cyber Policy Advisor Division of Medical Device Cybersecurity Jessica Wilkerson
  - NIST Cybersecurity for IoT Technical Lead Mike Fagan
  - Veterans Health Administration Medical Device Networking and Cybersecurity Director Connor Walsh
  - HHS OCR Senior Advisor for Cybersecurity Nick Heesters
12:10pm – 1:10pm: Lunch
1:10pm – 1:40pm: NIST Privacy Framework
- NIST Privacy Policy Advisor Dylan Gilbert
1:45pm – 2:20pm: NIST SP 800-66r2 + Risk Analysis/Risk Management
- NIST Applied Cybersecurity Division IT Specialist (InfoSec) Jeff Marron
- HHS OCR Senior Advisor for Cybersecurity Nick Heesters
2:20pm – 2:35pm: Break
2:35pm – 3:25pm: HHS Cybersecurity Activities
- Moderator: HHS OCR Deputy Director Tim Noonan
- Panel
  - HHS ASPR Deputy Director Brian Mazanec
  - FDA Senior Cyber Policy Advisor Division of Medical Device Cybersecurity Jessica Wilkerson
  - HHS ASTP/ONC Deputy National Coordinator Steve Posnack
  - HHS Advisor to the Deputy Secretary Akshay Venugopalan
3:30pm – 3:55pm: OCR Policy Updates
- HHS OCR Senior Advisor for Health Information Privacy, Data, and Cybersecurity Policy Marissa Gordon Nguyen
3:55pm – 4:00pm: Day One Close Out
- HHS OCR Deputy Director Tim Noonan

Thursday October 24

9:00am – 9:10am: Welcome/Recap/Logistics/HHS OCR Director Intro
- HHS OCR Deputy Director Tim Noonan
9:10am – 9:30am: HHS OCR Keynote
- HHS OCR Director Melanie Fontes Rainer
9:35am – 10:00am: Artificial Intelligence in Healthcare Keynote
- HHS Assistant Secretary for Technology Policy, National Coordinator for Health Information Technology, and Acting Chief Artificial Intelligence Officer Micky Tripathi
10:05am – 10:55am: HHS Artificial Intelligence Panel
- Moderator: HHS Counselor to the Deputy SecretaryErin Szulman
- Panel
  - FDA Director of Digital Health Center of Excellence Troy Tazbaz
  - CMS Deputy Director for Policy for the Center for Consumer Information and Insurance Oversight Jeff Wu
  - ASTP/ONC Chief Privacy Officer Kathryn Marchesini
  - NIH Associate Director for Data Science Susan Gregurick
  - NIST AI Innovation Laboratory AI and Cybersecurity Researcher Martin Stanley
  - HHS OCR Senior Advisor for Cybersecurity Nick Heesters
10:55am – 11:10am: Break
11:10am – 12:00pm: Small and Rural Cybersecurity Considerations
- Moderator: NIST Lead for Small Business Engagement Daniel Eliot
- Panel:
  - Cybersecurity and Infrastructure Security Agency Deputy Director Nitin Natarajan
  - CommHIT Chief Executive Officer Kendra Siler
  - HHS ASPR Director, Healthcare and Public Health Cybersecurity Charlee Hess
12:00pm – 1:00pm: Lunch
1:00pm – 1:40pm: NIST Cybersecurity Framework 2.0 + Resources
- NIST National Cybersecurity Center of Excellence Director Cheri Pascoe
1:45pm – 2:30pm: NIST National Cybersecurity Center of Excellence Healthcare Cybersecurity Project Updates
- Moderator: NIST National Cybersecurity Center of Excellence Healthcare Program Manager Ron Pulivarti
- Panel:
  - CareFirst Vice President, Chief Information Security Officer Rob Suarez
  - MedCrypt Vice President Regulatory Strategy Seth Carmody
  - Mitre Corp. Principal Cybersecurity Engineer Sue Wang
2:30pm – 2:45pm: Break
2:45pm – 3:20pm: Workforce Framework for Cybersecurity (NICE Framework)
- NIST NICE Framework Lead Karen Wetzel
3:25pm – 3:55pm: HHS OCR Enforcement Update
- HHS OCR Senior Advisor for HIPAA Compliance & Enforcement Emily Crabbe
3:55pm – 4:00pm: Conference Close Out
- HHS OCR Deputy Director Tim Noonan

Please see below for a list of nearby hotels:

Holiday Inn Washington Capital - National Mall
550 C Street SW, Washington, District of Columbia, 20024
Distance to HHS: 0.9 miles

citizenM Washington DC Capitol hotel
550 School St SW, Washington District of Columbia, 20024
Distance to HHS HQ: 1.2 miles

Residence Inn Washington, DC National Mall
333 E ST. SW, Washington, District of Columbia, 20024
Distance to HHS HQ: 0.9 miles

Hyatt Place Washington DC/National Mall
400 E Street SW, Washington, D.C. 20024
Distance to HHS HQ: 1.0 miles

Airports

These are the two closest airports to the Washington, D.C. area. Ronald Reagan National Airport (DCA) is the shortest travel distance to the meeting (3 miles south of downtown Washington, D.C.). Both airports have car rental services, as well as bus options. DCA provides easy Metrorail access on the yellow line:

Ronald Reagan Washington National Airport (DCA)
Arlington, VA 22202

Washington Dulles International Airport (IAD)
1 Saarinen Circle, Dulles, VA 20166

Information technology, Cybersecurity and Health IT