The Enemy Within: Dealing with Insider Threats

September 8, 2015
3:30pm - 4:15pm
General Session

Last summer, an Ontario hospital fired a nurse who had inappropriately accessed the protected health information of some 1,300 patients over nine years. At about the same time, Cedars-Sinai Medical Center fired six workers for snooping on more than a dozen patient health records.

When it comes to privacy and security, employees snooping on patient records is a huge concern for healthcare IT professionals, according to a 2014 HIMSS security report. But when it comes to “insider threats”, it doesn’t end with snooping. A nurse or some other “well-intentioned employee” may accidentally or inappropriately distribute PHI or lose control of a computer or thumb drive containing PHI. And then, of course, there’s the truly criminal “Malicious Insider” who is bent on stealing PHI for illegal gains or to somehow sabotage the healthcare facility. In fact, insider threats could include vendors, consultants, interns – anyone with authorized inside access.

In this session, we’ll learn how two top hospital IT leaders use education, technology, policies and procedures to address and mitigate these issues in their facilities.  We’ll also hear an FBI Special Agent profile the typical malicious insider, letting healthcare leaders know what they should be on the look out for. Without a doubt, this session will provide inside information you don’t want to miss.


Chief Information Security Officer
UMass Memorial Health
Special Agent
Federal Bureau of Investigation
Director, Privacy & Security

Learn more about the 2020 Event


Subscribe for updates