HEALTHCARE SECURITY FORUM: A HIMSS EVENT
San Francisco, CA - June 11 - 12, 2018
Breakfast will be served in the ballroom so make sure to stop by the sponsor tables.
Commander Kirk Lippold, U.S. Navy (Ret.) was the commanding officer of the USS Cole when it came under a suicide terrorist attack by al Qaeda in the port of Aden, Yemen. During his command, Commander Lippold and his crew distinguished themselves by saving the American war ship from sinking. This event is widely recognized as one of the most brazen acts of terrorism by al Qaeda prior to September 11, 2001.
Commander Lippold is a crisis management expert and proven leader, and in this opening keynote, tailored to the needs of healthcare security professionals, he shares with attendees lessons learned while leading his crew aboard the USS Cole following the attack.
These critical steps demonstrate how any organization can detect, react to contain and then control crises, assess progress in defining a new normal, and measure successes moving forward.
These leadership and management techniques will arm attendees with a military-grade approach to prepare for and take action when cyber terrorists strike — because it’s not a matter of if, but when.
The threat landscape is changing and hackers have become much more dangerous and disruptive to healthcare. New and emerging attacks are more impactful because they interrupt services and communications. They can cripple an organization by taking down its infrastructure and internet connections, and, most alarmingly, this poses a major risk to patient care.
In this opening state-of-the-industry discussion, our panel of seasoned healthcare security veterans survey the threat landscape and explain what they are doing to counter hackers. They’ll also discuss their top initiatives for the coming year.
Take this opportunity to mingle with your peers in a relaxed setting to build relationships and establish future partnerships. Coffee will be served in the ballroom area so make sure to stop by our sponsor tables.
HIMSS Director of Privacy & Security Lee Kim discusses what is happening now in healthcare and cross-sector cybersecurity. Specifically, Lee will discuss the findings of the special edition of the HIMSS healthcare and cross-sector cybersecurity report. Hear about fresh, open source intelligence on what is happening in healthcare and beyond. Gain knowledge about threats, vulnerabilities, mitigation, research, and tools you can use to help your organization be more secure.
In the healthcare, cyberterrorism can appear in a variety of forms. It can bring down a hospital computer system or publicly reveal private medical records. Whatever shape it takes, the general effects are the same: patient care is compromised, and trust in the health system is diminished.
Evidence suggests that cyber threats are increasing and that much of the U.S. healthcare system is ill equipped to deal with them.
Securing cyberspace is not an easy proposition as the threats are constantly changing, but it’s critical to recognize that cyberterrorism should be part of a broader information technology risk management strategy.
In this session, Michael Archuleta, recently recognized as a Top Hospital and Health System CIO, reviews case studies and the tremendous negative effects a cyber-attack could have on a healthcare organization. It’s scary stuff, but Michael will also share his thoughts on the best practices healthcare organizations can adopt to protect themselves – and their patients – from such attacks.
C-suites and boards must collaborate with security leaders to build cyber resilient organizations. Yet, too often, security leaders struggle to convey clear opportunities for senior leaders to engage in the necessary enterprise-wide approach to cyber risk. The result: Security doesn’t get the resources or support it needs and security efforts remain an uphill battle.
In this session, Advisory Board security expert Allyson Vicars shares key takeaways from deep industry research on how to have a productive conversation on security and risk with the most senior leaders in your health care organization.
Take this opportunity to mingle with your peers in a relaxed setting to build relationships and establish future partnerships.
More and more breach and enforcement activities against covered entities is due to the actions or in-actions of the third parties they engage to support their operations. Poor engagement, oversight, monitoring and dis-engagement often leaves covered entities responsible for all of the risk, fees, and reputational fall out. This can affect compliance, legal agreements, patient care and even your cyber security insurance. Trust but verify needs to be the underlying foundation of your third party risk management program.
In this session, Jane Harper brings more than 18 years of risk, compliance, audit, and security experience to share with attendees best practices for managing third-party risk.
Key takeaways include:
Healthcare security professionals confront this question regularly: How do we safeguard data but also distribute it as widely and responsibly as possible? These two competing interests can sometimes create tension. At the Midwest Health Collaborative, a consortia of six health systems, including the Cleveland Clinic, the answer lies in a team of user-experience designers who consider workflow demands first when deploying technology and designing policies.
In this session, Michael Gold, the collaborative’s vice president of analytics and technology, describes how his team has improved adherence and HIPAA compliance by thinking user-first when implementing policies and procedures. He’ll also share best practices that other healthcare organizations can put into practice to improve their own compliance.
As Michael will explain, and most attendees will agree, many breaches occur around human error. If improving the user experience decreases the chance of a breach, that’s a big win.
In this session, security executives from two leading Bay Area healthcare organizations discuss the keys to creating strong resilient security programs that enable digital transformation and facilitate organizational business goals.
John Muir Health Vice President and CISO Tom August, in addition to his many years leading healthcare security teams, co-authored The CISO Handbook: a Practical Guide to Securing Your Company. El Camino Hospital CIO Deb Muro has lead large technology implementation projects and, over the past two years, has built El Camino’s security program from the ground up.
Both Tom and Deb strongly support using risk assessments to identify, prioritize, and address vulnerabilities, and they’ll share with attendees best practices for doing just that.
McKinsey & Co. and the World Economic Forum recently undertook joint research to develop a fact-based view of cyber risks, assess their economic and strategic implications, particularly for healthcare, and lay out a path forward. Interviews with executives and data from more than 200 enterprises, technology vendors, and public agencies contributed to the report’s three main findings for enterprises:
In this end-of-the day featured presentation, Venky Anant, an associate partner and cybersecurity expert for McKinsey & Company, highlights the report’s findings, and, importantly, discusses the emerging consensus among technology executives on the seven keys to a more effective cybersecurity defense.
If you are like the nearly 80 percent of executives who said they cannot keep up with the increased sophistication of attackers, this session will provide some much needed help.
After a day of informative and incisive presentations, enjoy a drink and hors d'oeuvres in the Grand Ballroom with your fellow attendees, speakers and sponsors.