Cybersecurity

Jane Harper, Director Privacy & Security Risk Management at Henry Ford Health System, discusses how third party risk management should be viewed like a romantic relationship – from the dating stage through the prenup, marriage, and even divorce.

Developing a better link between cybersecurity and patient-facing services is what Dan Taylor, director of security of NHS Digital, believes is a top priority – a good cybersecurity strategy focused on people.

Kirk Lippold, commander of United States Navy (RET), explains how intellectual honesty requires a commitment to sit down with people in the organization to review what happened after a crisis and find a new normal.

Despite the healthcare sector’s awareness of medical device flaws, many are still focused on whether a patient has been harmed. But to UC San Diego researcher, emergency medicine provider Christian Dameff, MD, it’s more about retaining patient trust and ensure the technology doesn’t fail.

Brian Selfridge, partner at IT Risk Management for Meditology, also explains the evolving role of infosec leaders in the healthcare sector – including third-party vendor management.

Johns Hopkins Medicine CISO Darren Lacey shares his thoughts on the sector’s inherent problems, ransomware, remaining positive amid those threats and ways to keep up with hackers.

Chad Wilson, director of information security at Children’s National, explains how timely access to applications in a healthcare setting is measured in seconds so the balance between usability and security is a big challenge.

Theresa Payton, president and CEO of Fortalice Solutions, explains how to avoid digital disasters with a segmentation strategy that includes on-going testing with data, equipment and third-party vendors to put security assumptions to the test.

Jamie Lam, data security compliance manager for the University of California at San Francisco School of Medicine offers tips for managing "shadow IT" as tech-savvy employees find their own ways to work effectively.

Matt Trevors, a senior member of the technical staff with the CERT Division of the Software Engineering Institute at Carnegie Mellon University, offers help for meeting the HIPAA Security Rule.