


HIPAA in 2026: Navigating New Risks, Rules, and Realities

Recorded Webinar | Gus Hanna, PhD | All Days

Description


Healthcare organizations face increasing cyber threats, regulatory scrutiny, and operational pressure—yet many still struggle to translate HIPAA requirements into practical, effective controls.

In this 60-minute webinar, Dr. Gus Hanna, cybersecurity architect and healthcare compliance expert, breaks down the HIPAA Privacy Rule and Security Rule into clear, actionable guidance. Attendees will learn how HIPAA applies in modern healthcare environments, including cloud and hybrid systems, how ransomware and data breaches impact compliance, and what “reasonable and appropriate safeguards” really mean in practice.

The session will focus on real-world examples, common compliance gaps, and practical security controls that protect patient data while supporting clinical operations. Whether you are responsible for compliance, IT, security, or leadership oversight, this webinar will help you move beyond checklists toward defensible, risk-based HIPAA compliance.

Learning Outcomes

  • Explain the scope and intent of the HIPAA Privacy Rule and Security Rule, including how they apply to modern healthcare organizations and business associates.
  • Identify common HIPAA compliance gaps that lead to breaches, enforcement actions, and audit findings—particularly in cloud and hybrid environments.
  • Differentiate between administrative, physical, and technical safeguards and understand how each contributes to protecting electronic Protected Health Information (ePHI).
  • Apply risk-based thinking to HIPAA compliance, including how to interpret “reasonable and appropriate” safeguards in real-world healthcare settings.
  • Recognize how ransomware, phishing, and insider threats impact HIPAA compliance, and evaluate security controls that reduce patient safety and operational risk.
  • Map HIPAA Security Rule requirements to industry best practices, including NIST Cybersecurity Framework and NIST SP 800-53 controls.
  • Evaluate the roles and responsibilities of covered entities and business associates, including expectations for vendor risk management and shared responsibility models.
  • Develop practical next steps to strengthen HIPAA compliance posture, including governance, policies, technical controls, and incident response preparedness.

Areas Covered in the Session

  • HIPAA Privacy Rule & Security Rule Overview: Understanding what each rule covers, how they differ, and how they apply to today’s healthcare and business associate environments.
  • Defining and Protecting ePHI: What qualifies as ePHI, where it lives (EHRs, cloud, endpoints, backups), and why data location matters for compliance.
  • HIPAA Safeguards Explained: Practical interpretation of administrative, physical, and technical safeguards with real-world healthcare examples.
  • Risk Analysis & Risk Management: How to perform and maintain a defensible HIPAA risk analysis and translate findings into prioritized remediation actions.
  • Common HIPAA Compliance Gaps: Frequent causes of breaches and audit findings, including access control failures, insufficient logging, and weak vendor oversight.
  • Ransomware & Cyber Threats in Healthcare: How modern cyberattacks impact HIPAA compliance, patient safety, and breach notification obligations.
  • Incident Response & Breach Notification: What to do before, during, and after a security incident, including timelines and regulatory expectations.
  • Vendor & Business Associate Risk Management: Managing third-party risk, Business Associate Agreements (BAAs), and shared responsibility in cloud environments.
  • Aligning HIPAA with NIST & Industry Best Practices: Mapping HIPAA requirements to NIST CSF, NIST 800-53, and security controls commonly used by healthcare organizations.
  • Practical Steps to Strengthen Compliance: Actionable takeaways, quick wins, and a roadmap to move from checklist compliance to risk-based security maturity.
  • Live Q&A Session

Recommended Participants

  • Healthcare Executives & Leadership
      • CEOs, COOs, CIOs, CISOs
      • Practice administrators and hospital executives responsible for risk and compliance
  • Compliance, Privacy & Risk Professionals
      • HIPAA Compliance Officers
      • Privacy Officers
      • Risk Management and Governance professionals
  • IT & Cybersecurity Teams
      • Security Architects and Engineers
      • SOC Analysts and Incident Response Teams
      • Network, Cloud, and Infrastructure Engineers
  • Healthcare IT Management
      • IT Directors and Managers
      • EHR Systems Administrators
      • Health IT Operations leaders
  • Cloud & DevOps Professionals
      • Cloud Security Engineers (AWS, Azure, GCP)
      • DevSecOps and Platform Engineering teams supporting healthcare workloads
  • Clinical & Operational Leaders
      • Clinical informatics leaders
      • Department heads involved in patient data workflows
      • Telehealth and digital health program managers
  • Legal & Audit Teams
      • Healthcare legal counsel
      • Internal and external auditors
      • Third-party risk and vendor management teams
  • Business Associates & Vendors
      • Managed Service Providers (MSPs)
      • Healthcare SaaS providers
      • Medical device and digital health vendors handling ePHI
  • Incident Response & Crisis Management Teams
      • Business continuity and disaster recovery planners
      • Emergency preparedness coordinators
  • Healthcare Startups & Innovators
      • Founders and product leaders building HIPAA-regulated solutions
      • AI, data analytics, and digital health innovators

Training Price

Recording     $199
Digital Download     $249
Transcript (PDF)     $199
Recording+Transcript     $349
Digital Download+Transcript     $299


