ePrivacy Program in Partnership with McMaster University

Privacy Horizon’s Certificate Program on ePrivacy in Healthcare offered through the NIHI and McMaster University will be returning for the Fall semester of 2020.

McMaster ePrivacy Program

Instructors:

Patrick Lo: CEO, Privacy Horizon

Brendan Seaton: Chief Creative Officer, Privacy Horizon

 

Health care is undergoing a revolution driven by advances in information and communication technologies. Precision medicine, consumer health, virtual care, the Internet of things and other innovations are changing the very nature of health care, driving improvements in efficiency, effectiveness and healthcare outcomes. However, with each new innovation come new risks to the privacy and security of personal health information.

Privacy is not a zero-sum game. We don’t have to give up improvements in health care in order to protect privacy. We can have both! Privacy should be an enabler, not a barrier, to healthcare innovation.

This 20-sesson (30 Hours) program is for anyone who is responsible for managing the privacy function in their organization, or is interested in being part of the organization’s privacy management team or are app developers, consultants and service providers of products for health care. Organized into three modules, the program provides the guidance needed to manage privacy throughout the information lifecycle. This program focuses on the health sector and the special requirements for ensuring the privacy of personal health information.

This program will cover critical privacy legislation, conducting a privacy risk assessment, assessing what privacy and security features to build into your products and services, implementing an affordable privacy management program and handling a privacy breach.

Module 1 – Privacy Fundamentals, provides the foundation for a deep and comprehensive understanding of privacy. It addresses privacy principles, individual privacy rights, responsibilities of health care providers and organizations, Canadian and International privacy laws, and information governance.

Module 2 – Privacy by Design (PbD), will help you build privacy into the design of your programs, services and products. It addresses PbD principles, privacy and security standards and guidelines, PbD and emerging technologies, in building security into your healthcare solutions.

Module 3 – Managing Privacy Risk, teaches you how to identify, assess and manage privacy risk. It covers risk management principles, Privacy Impact Assessment, Threat and Risk Assessment, monitoring and audit, managing privacy breaches and complaints and privacy training.

On completion of this program you will have a comprehensive view of privacy and what it takes to implement privacy successfully in your organization.

Upon completion you will be awarded a McMaster University – NIHI ePrivacy Certificate of Completion. A Certificate of Completion is a non-academic certificate acknowledging that the recipient has completed a minimum of 30 hours of education and has successfully completed the Opening and Closing Questionnaires that assesses the individual’s learning.

Intended Audience

  • Anyone responsible for information privacy in public or private sector organizations
  • Chief Privacy Officers
  • Chief Information Security Officers
  • Chief Technology Officers
  • Chief Information Officers
  • Risk managers
  • Privacy/Freedom of information coordinators
  • Healthcare providers and managers charged with protecting privacy under health sector privacy legislation
  • App developers building iOS and Android apps, wearable technologies and other consumer-oriented solutions
  • Consultants, integrators and solution providers who need to offer privacy and security compliance products and services to consumers, and private and public sector organizations
  • Technical architects and developers who design and build cloud, mobile, social media and IOT solutions
  • Educators
  • HR professionals

Expected Outcomes

Participants will have a comprehensive understanding of:

  • National and international privacy laws
  • Foundational privacy principles
  • Privacy and information governance
  • Privacy by design
  • Information security requirements for privacy protection
  • How to build a privacy program
  • Privacy risk assessment
  • Privacy breach management

Cybersecurity Management Program in Partnership with McMaster University

Privacy Horizon’s Certificate Program on Cybersecurity Management offered through the NIHI and McMaster University will be returning for the Fall semester of 2020.

 

McMaster Certificate Program for Cybersecurity Management

Course Instructors:

Patrick Lo: CEO, Privacy Horizon Inc.

Brendan Seaton: Chief Creative Officer, Privacy Horizon Inc.

Public and private sector organizations in Canada and around the world are under increasing pressure to protect themselves, sensitive information, client information and critical infrastructure from cyber attacks. Threats to information system assets come from state actors, organized crime and hacktivists who now routinely attack our electoral, financial, healthcare and public utility systems.

The purpose of this program is to provide practical cybersecurity management strategies and recommendations to help minimize the occurrence or impact of cyber-related losses. Our focus is on risk management and how to use the various tools and resources to build awareness and cyber resilience.

This program is based on the National Institute of Standards and Technology (NIST) Cybersecurity framework (CSF).

This program is for non-technical senior staff who need a general understanding of cybersecurity practices to protect critical information assets and who need to work with their organization’s IT and cybersecurity experts.

Upon completion you will be awarded a McMaster University – NIHI Certificate of Attendance in Cybersecurity Management. A certificate of attendance is a non-academic certificate acknowledging that the recipient has completed a minimum of 10 hours of education/training in the subject area.

Topics covered:

  • Introduction to cybersecurity
  • Cybersecurity management program
  • Cybersecurity risk management
  • Asset management
  • Threat assessment
  • Technical and physical safeguards
  • Administrative safeguards
  • Monitoring and audit
  • Cybersecurity incident management
  • Cybersecurity recovery planning

Learning Objectives

  • To equip participants with the knowledge and skills needed to implement an effective cybersecurity program in their organization.
  • To enable participants to apply cybersecurity best practices for asset management, threat assessment and risk management.
  • To help participants implement effective administrative, technical and physical safeguards to combat cybersecurity threats.

Expected Outcomes

You will have a comprehensive understanding of:

  • The NIST Cybersecurity Framework
  • The elements of an effective cybersecurity program
  • Methods to detect and respond to cybersecurity threats
  • Administrative, technical and physical safeguards
  • Cybersecurity risk management
  • Cybersecurity breach management

Intended Audience

  • Chief Executive Officers
  • Chief Operating Officers
  • Chief Privacy Officers
  • Chief Information Security Officers
  • Chief Information Officers
  • Project Managers
  • Risk Managers
  • Business Analysts
  • Privacy/Freedom of Information Coordinators
  • Business Managers/Supervisors
  • HR Professionals
  • Educators
  • Healthcare providers and managers charged with protecting privacy under health sector privacy legislation
  • Consultants, integrators, and solution providers who need to offer privacy and security compliance products and services to consumers, and private and public sector organizations
  • Anyone responsible for information privacy in public or private sector organizations

UTEST Privacy Fundamentals Series – Starting July 16th

Starting on July 16th Privacy Horizon will be partnering with University of Toronto’s UTEST program to provide privacy fundamentals to early-stage health technology companies.

Privacy always emerges as a question to be answered by app developers and organizations in the healthcare space. Privacy and security controls are often mandatory requirements for health sector procurement. How can healthcare app developers and professionals address the privacy concerns of patients, healthcare providers, clients and service providers while staying lean and agile in their development practices?

In the Privacy Fundamentals Series we’ll be covering how healthcare providers evaluate the apps they are considering using in their workplace or recommending for patient use. We’ll show how your customers understand the risks of the of information that is collected, stored, transmitted and added to other systems.  You’ll learn how to recognize vulnerabilities and avoid breaches, and how to be be proactive, not reactive to security threats.

 

The series consist of three PHI sponsored lunch and learn sessions:

Session 1: Privacy Fundamentals: What does privacy mean to you and your company?

Session 2: Privacy by Design: What privacy and security features need to be built into your app, device or service?
Session 3: Minimum Viable Privacy: What is the minimum set of privacy and security controls needed to function in the healthcare marketplace?

 

The first session will be hosted on July 16th between 12pm and 1:30pm at the Banting Institute. We look forward to seeing to seeing you there!

Privacy & Security Online Series for App Developers and Healthcare Professionals

The National Institutes of Health Informatics (NIHI) and Privacy Horizon are pleased to announce the first fully online privacy & security series dedicated to health care App Developers and Healthcare Professions. This 3-Part Online Series, on June 19, 20 & 21 is a “What you Need to Know” for the important privacy and security topics emerging in the App Development healthcare space.Topics include Privacy Fundamentals, Privacy by Design, & Minimum Viable Privacy.

We have a special bonus, you will receive a free one-hour consultation on your organization’s specific privacy & security needs with an ePrivacy Expert.

As a past participant in a NIHI ePrivacy Session we are also offering you, as well as your colleagues, a $25 Discount with the code Friend if you register by June 16. We also offer group discounts if you register 3 or more people from the same organization.

To register, please go to www.nihi.ca. For questions and group discounts, please contact us.

Privacy Horizon Teams Up With MedStack

Privacy Horizon is pleased to announce that it has teamed up with MedStack Inc. to bring comprehensive privacy and security solutions to start-up companies delivering healthcare solutions in Canada.

The collaboration combines Privacy Horizon’s training and assurance services with MedStack’s secure and compliant application hosting platform, creating a complete solution set for these companies, simplifying the process to achieve the privacy and security standards required by their healthcare enterprise customers.

Privacy Horizon works with entrepreneurs and app developers to identify and manage privacy and security risk. “Our Minimum Viable Privacy Program is a kick-starter for companies that need to demonstrate compliance with privacy laws”, says Privacy Horizon CEO, Patrick Lo. ”With the recent WannaCry ransomware attack, healthcare organizations are going to be demanding evidence that innovative solutions are secure.”

MedStack provides secure cloud hosting services for applications, databases, files and analytics engines. “The MedStack platform has built-in privacy and security protection protocols such as auditing, logging, backup, encryption, access controls and monitoring, with this cloud functionality well-documented in pre-written privacy policies”, says MedStack Co-founder and CEO Balaji Gopalan. “Our platform and services are designed to meet expectations for healthcare privacy compliance in Canada.”

Together, Privacy Horizon and MedStack provide a unique end-to-end privacy and security solution for Canada’s healthcare innovators.

For more information about MedStack please visit the MedStack website.

For more information about Privacy Horizon’s Minimum Viable Privacy (MVP) Program, please visit our MVP Page. MedStack customers receive preferred pricing on the MVP Program. Contact Privacy Horizon for details.

Privacy and Security Awareness

Privacy Horizon is pleased to announce that it has teamed up with Fivel Inc. to deliver comprehensive privacy and security training and awareness programs to the Canadian health sector.

“Human error is the number one cause of privacy and security breaches”, says Privacy Horizon Chief Creative Officer, Brendan Seaton. “Falling for phishing scams, using weak passwords or carelessness, exposes personal health information and critical systems to attack. Privacy and security awareness training is the first line of defense for responsible organizations.”

“Fivel is a complete end-to-end learning solution that combines content, platform, and coordination services.” says John Breakey, CEO of Fivel Systems. “We apply the latest advances in learning science to boost comprehension and retention. Our cloud-based platform is easy to understand, simple to use and quick to navigate.”

Privacy Horizon’s Privacy and Security Awareness Tutorial can be adapted to any jurisdiction and stakeholder group. It ensures that your people are aware of their obligations under privacy legislation. It enables them to understand best practices to protect personal health information and critical information systems.

Privacy Horizon has extensive experience and insight in healthcare privacy needs. Their training and compliance program is the most comprehensive privacy policy and practices program specifically designed for the industry. Now it is even easier to access and deploy in in any environment whether large and small.

For more information about the privacy and security awareness tutorial please refer to our Awareness tutorial.