Privacy & Security (308)

David Wall, CIO of Tallaght University hospital in Ireland, shares three key learnings after sustaining a cyberattack in 2021 and explains how attack vectors have evolved.

Whether healthcare organizations store data in the cloud or on premises, Frank Forte, CEO of Anatomy IT, recommends redundant systems and practice drills as well as partnering with vendors to prepare for inevitable cyberattacks.

Tom Liddell, CEO of Harmony Healthcare IT, says moving legacy healthcare data into storage is a complex process that involves scanning for malware and retaining regulatory compliance and access.

Scott Stuewe, president and CEO of DirectTrust, discusses the company's work to improve interoperability between direct secure messaging platforms and its work with information service providers to help with secure information exchange.

Lee Kim, senior principal of cybersecurity and privacy at HIMSS, shares results from the HIMSS annual healthcare cybersecurity survey and why healthcare organizations need adaptable security strategies, perhaps including analog file backups.

First-step recommendations are: Do the basics, as in following HIPAA security-rule compliance and doing a security-risk analysis, says Carolyn Metnick, partner at Sheppard Mullin and member of their Healthcare and privacy and cybersecurity team.

Christopher Falkner, 2024 HIMSS Changemaker and Sodexo's senior director of digital strategy and cybersecurity, talks about his career journey from engineer connecting medical devices with EHRs to cybersecurity leader protecting those devices.

Dr. Eric Liederman, CEO of CyberSolutionsMD, recommends that CIOs, CISOs, CMIOs and CEOs collaborate to balance strengthening security controls with enabling clinicians to access the information they need to treat their patients.

Both small and large organizations have risk challenges and threat monitoring gaps. "It's not just the technology, but its also the people and the process part of it, and that part is really hard for healthcare," says Steve Cagle, CEO of Clearwater.

Tony Black, global director of healthcare, privacy and digital transformation at Kyndryl, talks about the four questions healthcare leaders must be able to answer to build business continuity plans that include holistic data management and security.

Check out this HIMSS24 session sample to see cybersecurity leaders from Mayo Clinic and Cleveland Clinic share best practices for building a successful medical and IoT device security program.

How can health systems secure smart medical devices if manufacturers don't patch them regularly? Richard Staynings, chief security strategist at Cylera, discusses how organizations can mitigate that risk using their existing tools and technologies.