Privacy & Security (308)

Melvin Hutchens, VP of digital transformation at Credenti, a Tecnics company, says he believes healthcare organizations can learn from financial institutions to effectively manage users' identity and access levels at less cost and more scale.

To avoid attacks that disrupt care, Jason Wessel, principal solutions consultant, global healthcare at Palo Alto Networks, advises adopting a zero-trust framework, taking a holistic view of security and sharing information with colleagues.

Erik Decker, Intermountain Health CISO and chair of the Health Sector Council's Cybersecurity Working Group, discusses new reports and resources that are aimed at helping the healthcare industry manage a rapidly increasing number of cyberattacks.

Renee Broadbent, CIO and information security officer at SoNE Healthcare, says creating a culture of security starts from the top down and keeping staff educated about increasingly sophisticated phishing attacks.

Will Braxton, account executive at Cynerio, talks about the importance of securing not only computers and phones, but any IoT device that expands attack surfaces.

Andy Belval, chief revenue officer at Keystone Technologies, recommends user education and cloud enablement technologies that quickly restore clinicians' access to EMRs when an incident occurs.

Dr. Benoit Desjardins, professor at the University of Pennsylvania Medical Center, discusses cybersecurity risks posed by smart medical devices, but adds that most people would not be a target of such attacks.

Dr. Eric Liederman, director of medical informatics at Kaiser Permanente, discusses the need for healthcare organizations to prepare for cyberattacks and communicate honestly and promptly about these events with staff and patients when they occur.

Dr. Brian Anderson, chief digital health physician at MITRE, talks about the importance of partnerships between digital health companies, health systems and regulators as the development and use of advanced AI tools for healthcare increases.

IoT and IoMT devices may comprise 20% to 30% of a healthcare organization’s attack surface. John Vecchi, chief marketing officer at Phosphorus Cybersecurity, discusses how healthcare IT teams can monitor these tools and strengthen their security.

Jay Stewart, vice president of sales for CORL Technologies, Meditology Services, advises healthcare organizations to discuss AI use and governance with vendors, regularly testing cyber defenses and routinely assessing internal and third-party risks.

Lawrence Stowers, business development manager at Carahsoft, recommends ongoing staff training and communications to prevent phishing and other cyber threats – and a strong incident response plan to mitigate damage if a breach does occur.