- Rick Kam, President and Co-Founder, ID Experts, Chairman of the PHI Project
- James C. Pyles, Principal, Powers Pyles Sutter & Verville PC
- Lynda Martel, Director, Privacy Compliance Communications, DriveSavers Data Recovery, Inc.
- Mary Chaput, CFO and Chief Compliance Officer, Clearwater Compliance, LLC
The report was created through the “PHI Project” – a collaboration of ANSI, via its Identity Theft Prevention and Identity Management Standards Panel (IDSP), in partnership with Shared Assessments and ISA. The report includes PHIve (PHI Value Estimator) – a 5-step method to estimate the overall potential costs of a data breach to an organization. With this tool, health care organizations can determine an appropriate level of investment needed to strengthen privacy and security programs and reduce the probability of a breach.
The report was released on March 5, 2012, at a news conference at the National Press Club where White House Cybersecurity Coordinator Howard Schmidt spoke, followed by a Congressional briefing which included remarks by Joy Pritts, Chief Privacy Officer in the Office of the National Coordinator for Health IT at the U.S. Department of Health and Human Services. The publication has already been downloaded by more than 1,700 users since its release.
All interested stakeholders are invited to register for the free webinar here.
This free webinar will be held on Wednesday, March 21, at 2:00 p.m. ET and will run approximately 1 hour. Register today.
About PHI Project Sponsors
The PHI Project brings together experts from across the industry: including health care providers, payers and insurers, other health care services organizations, data breach prevention and recovery firms, legal experts on privacy and security, and others, providing a range of perspectives. The initiative was made possible through the generous support of the following organizations: Clearwater Compliance LLC and DriveSavers Data Recovery, Inc. (premium sponsors); Affinion Security Center; Alvarez & Marsal; BKD, LLP; Booz Allen Hamilton; The Center for Identity Management and Information Protection at Utica College; Deluxe Corporation; Direct Computer Resources, Inc.; Europ Assistance USA; ID Experts; ManageEngine, a division of Zoho Corp; and Terra Verde Services (partner sponsors).
The American National Standards Institute (ANSI) is a private non-profit organization whose mission is to enhance U.S. global competitiveness and the American quality of life by promoting, facilitating, and safeguarding the integrity of the voluntary standardization and conformity assessment system. The ANSI Identity Theft Prevention and Identity Management Standards Panel (IDSP) is a cross-sector coordinating body that facilitates the timely development, promulgation, and use of voluntary consensus standards and guidelines that will equip and assist the private sector, government, and consumers in minimizing the scope and scale of identity theft and fraud.
About the Shared Assessments Program
The Shared Assessments Program was created by leading financial institutions, the Big Four accounting firms, and key service providers to inject standardization, consistency, speed, efficiency, and cost savings into the service provider assessment process. Through membership and use of the Shared Assessments tools (the Agreed Upon Procedures and the Standardized Information Gathering questionnaire), Shared Assessments offers outsourcers and their service providers a faster, more efficient, and less costly means of conducting rigorous assessments of controls for security, privacy, and business continuity. The Shared Assessments Program is managed by The Santa Fe Group, a strategic consulting company based in Santa Fe, New Mexico.
About the Internet Security Alliance (ISA)
The Internet Security Alliance is a multi-sector trade association established in collaboration with Carnegie Mellon University in 2000. ISA’s mission is to combine advanced technology with the pragmatic business needs of its members and help create effective public policy leading to a sustainable system of worldwide cybersecurity. ISA advocates a modernized social contract between industry and government creating market-based incentives to motivate enhanced security of cyber systems. ISA provides its members with a range of technical, business, and public policy services to assist them in fulfilling their mission.