HEALTHCARE SECURITY FORUM: A HIMSS EVENT
Boston, MA, Oct. 15-16, 2018
Breakfast will be served in the ballroom; be sure to stop by the sponsor tables.
Commander Kirk Lippold, U.S. Navy (Ret.), was the commanding officer on the USS Cole when it came under a suicide terrorist attack by al Qaeda in the port of Aden, Yemen in 2000. During his command, Commander Lippold and his crew distinguished themselves by saving the American warship from sinking. This attack is widely recognized as one of the most brazen acts of terrorism by al Qaeda prior to September 11, 2001.
Commander Lippold is a compelling storyteller, and in this session he draws upon his five pillars of leadership, sharing strategies he used to instill integrity into his team and mitigate crises throughout his naval career. Importantly, he'll provide takeaways to help healthcare security leaders prepare for whatever the cyber future may hold, build strong teams, and make a difference when it matters most.
Your organization has just been hit with a large-scale breach. As security leader, what do you do first?
This CISO panel session will discuss prioritization and the sequence of activities that you should follow when dealing with a major breach, including executive and other internal communication and external breach notification to affected individuals, OCR, and state regulatory bodies. With a 72-hour breach notification window fast becoming the norm, you don’t have long to think about things while making sure that it’s done right!
Take this opportunity to mingle with your peers in a relaxed setting to build relationships and establish future partnerships. Coffee will be served in the ballroom area so make sure to stop by our sponsor tables. Networking breaks sponsored by eSentire, Everbridge, Fortinet, Sayers, and Sirius Healthcare.
Gone are the days when loss of PHI was the industry’s biggest worry: We now face a looming patient-safety crisis. Vulnerable medical devices are being recalled and equally vulnerable devices continue to be produced.
In this session, two clinician-security researchers simulate a medical device breach, demonstrating the peril and possibilities healthcare now confronts in a world of connected, technology-dependent medicine.
Following the medical device hack simulation, the speakers, joined by the FDA's Suzanne Schwartz, will share medical-device security best practices and participate in an audience Q&A.
According to the 2017 Identity Theft Resource Center (ITRC) Data Breach Report, healthcare was the second most significant contributing industry to overall data breaches with 334 breaches reported. Data breaches are crippling to any business, but are extra hard on healthcare organizations, considering the vast amount of sensitive information patients trust them with, the irreparable damage to reputation that can follow a breach, and the massive fines that can be levied by regulatory agencies.
In this session, Chris Bowen will discuss the top nine security and compliance risks that he sees time and again in his role as ClearDATA’s Chief Privacy & Security Officer and Founder, CISSP, CCSP, CIPP/US, CIPT. Leverage his experience working with hundreds of healthcare organizations to help you understand what you can do to identify and overcome them at your own organization.
In this session, the OCR’s Anne-Sophie Whitaker gives a timely update on HIPAA breach violations – and shares best practices to help attendees keep their organizations off the department’s Wall of Shame.
She’ll share trends in how and where information is being breached (email, film, laptops, etc.), review settlements, and discuss where covered entities frequently fall short in protecting PHI.
Take this opportunity to mingle with your peers in a relaxed setting to build relationships and establish future partnerships. Lunch sponsored by Connection.
In this last session of the forum, Intermountain Healthcare CISO Karl West describes the tremendous overhaul his security program has undergone over the past few years.
The forum has covered a lot of ground over two days. In this final session, attendees hear how one organization has begun to put it all together and move security into the new area of consumerism and convenience.
In the HIMSS Code Red podcasts, HIMSS’ Rod Piechowski interviews healthcare leaders on current issues in healthcare security. In this “live” version of the podcast, Rod interviews James Doulgeris, CEO of Osler Health, an accountable care organization with 125 primary care physicians in 27 practices at 63 locations.
The topic of conversation: How to talk security to the C-suite and other senior, non-technical leaders.
Security touches almost every piece of a healthcare organization, and Rod and James will cover such important topics as:
Rod and James will cover these topics and more, and leave plenty of time for audience questions.
A group of 20 healthcare experts in the United States created the hospital incident command system (HICS) in the 1980s to help hospitals prepare for and respond to disasters. The command center provides a robust framework for handling emergencies, but it was not intended to address healthcare security issues.
In this session, attendees will learn how Indiana University Health modified the HICS and implemented it to better conform with the NIST Cybersecurity Framework – and how you can do the same and strengthen your security profile.
Importantly, as speaker Mitch Parker will explain, a key benefit is that this gives security teams a framework to handle cyber issues at an organizational level, rather than just information security, and better coordinate resources.
Key discussion points
The healthcare market is in transition, becoming more consumer-driven, with greater focus on wellness and precision medicine. The age of Digital Health is here. The convergence of new digital health technologies provided by non-health sector competitors is disrupting and threatening to intercept the traditional relationship between health systems and their patients.
Sentara Healthcare, which operates more than 100 sites including 12 acute care hospitals, is aggressively working to compete by becoming “A Digital Sentara”. Considered one of the most progressive and integrated healthcare organizations in the United States, Sentara is building new native mobile apps, a website and enterprise data platform, connecting its system and patients, members and providers to new digital front-end solutions—all built in the cloud.
So you’re wondering, how do they protect all that? In this session, VP and CISO Dan Bowden will explain just that.