Tod Ferran, CISSP, QSA, ISO 27001 Lead Auditor, presented “The Questions a Judge Will Ask You After a Data Breach”, which addresses how to establish acceptable risk and reasonable security for the Health Care Compliance Association (HCCA). The webinar reviewed:
- How to define “reasonable” security controls that makes sense to business, judges, and regulators.
- Design and run a risk assessment that is meaningful to technicians, business, and authorities.
- Learn from case studies involving regulatory oversight, law suits that happened, and law suits that never happened