9092: It Can Happen to You - Lessons Learned from Cybersecurity Incidents in Healthcare
This course examines cybersecurity incidents in the healthcare industry investigated by the Office for Civil Rights. The speakers describe cybersecurity commonalities that lead to security incidents in healthcare, determine actions that can reduce the risk of security incidents, and reduce the risk of the financial and reputational impact that follow these types of incidents. This course provides valuable lessons to prevent similar incidents from happening in your organization.
- Recognize commonalities that lead to security incidents in healthcare
- Determine actions that can reduce the risk of security incidents
- Reduce the risk of the financial and reputational impact that follow these types of incidents
This course is an online video option. It consists of a one-hour video presentation, followed by a test.
- 5% Premium Credit for Physician Policyholders
- 1.0 CME Credit for Physicians
- Certificate of Participation for Non-Physicians
Accreditation: This activity has been planned and implemented in accordance with the Essential Areas and policies of the Accreditation Council for Continuing Medical Education (ACCME) through the joint providership of the University of Tennessee College of Medicine (UTCOM) and State Volunteer Mutual Insurance Company. The UTCOM is accredited by the ACCME to provide continuing medical education for physicians.
AMA Credit Designation: The UTCOM designates this enduring material for a maximum of 1 AMA PRA Category 1 CreditTM. Physicians should claim only the credit commensurate with the extent of their participation in the activity.
AAFP: The AAFP has reviewed It Can Happen to You: Lessons Learned from Cybersecurity Incidents in Healthcare and deemed it acceptable for up to 1.00 Enduring Materials, Self-Study AAFP Prescribed credit. Term of Approval is from 01/01/2022 to 12/31/2022. Physicians should claim only the credit commensurate with the extent of their participation in the activity.
AOA: This program is eligible for one (1) credit hour in Category 2-B of the Continuing Medical Education Program of the American Osteopathic Association. Physicians will need to submit a letter of completion from the University of Tennessee directly to the AOA to receive CME credits.
Continuing Education for Non-Physicians: The UTCOM will issue Certificates of Participation to non-physicians for participating in this activity and designates it for CEUs using the national standard that 1 hour of educational instruction is awarded .1 CEU.
This activity was reviewed on January 10, 2022. This activity was released on January 1, 2022 and will expire on December 31, 2024. SVMIC will not process any completions after December 31, 2024.
No commercial support was received for this activity. No speakers plan to discuss off-label use. No planners or speakers have relevant financial relationships to disclose.
Justin Joy, JD
Justin Joy is a shareholder in the Memphis office of the Lewis Thomason law firm. He also serves as the firm’s privacy officer. In addition to a range of experience in litigation and business law matters, Justin heads up Lewis Thomason’s cybersecurity practice group. He provides counsel to clients in the area of information privacy and cybersecurity, including incident investigation and breach response management, regulatory compliance, privacy and security policy review and drafting, and cyber risk management. Specifically, in the area of healthcare, Justin counsels covered entities and business associates on a variety of matters pertaining to HIPAA Privacy Rule, Security Rule, and Breach Notification Rule compliance. He also represents healthcare groups in state and federal regulatory investigations. Justin speaks frequently to various groups and organizations on the topic of information privacy and cybersecurity.
Justin is a Certified Information Privacy Professional/US (CIPP/US) and a Certified Information Privacy Technologist (CIPT) through the International Association of Privacy Professionals. He is a 2001 graduate of Wake Forest University and holds a law and MBA degree from the University of Memphis.
Loretta Verbeck, MS, FACMPE, CHC
Loretta Verbeck has extensive experience in the healthcare industry. During her career she has held roles as Director of Compliance, Director of Practice Management, practice administrator, and Senior Medical Practice Consultant for SVMIC. Loretta’s expertise is in regulatory compliance with an emphasis on HIPAA and the HITECH Act. She authors articles for various industry publications, provides education to medical schools and residency programs, and speaks at the state and national level for professional associations. Loretta has a master’s degree in health law and policy, is a board-certified Fellow in the American College of Medical Practice Executives, and is Certified in Healthcare Compliance.
- 1.00 AMA CME
- 1.00 Attendance