Journey to HIMSS18: Privacy, Security and Cybersecurity

Thompson H. Boyd, III, M.D., FHIMSS, FACHE, FABQAURP, CPHIMS, CHCQM

Medical Director of Informatics

Hahnemann University Hospital

Today’s Speaker

Thompson H. Boyd, III, M.D., FHIMSS,

FACHE, FABQAURP, CPHIMS, CHCQM

Medical Director of Informatics

Hahnemann University Hospital

Philadelphia, Pennsylvania

HIMSS Welcomes You and the World!

Agenda

• Welcome

• Education Overview:

– PreConference Education

– General Conference Education

• Exhibition Overview:

– Cybersecurity Command Center

• Networking Overview:

– Planned Events

• Q & A

Learning Objectives

• Explore highlights of privacy, security and cybersecurity

educational offerings at HIMSS18;

• Identify the reasons competencies in privacy, security,

and cybersecurity are critical for today’s healthcare

professional.

In the news…

http://www.healthcareitnews.com/news/ransomware-attack-calls-unlikely-hero-

action-your-neighborhood-hie

http://www.bbc.com/news/technology-41753022?intlink_from_url=http://www.bbc.com/news/topics/62d838bb-

2471-432c-b4db-f134f98157c2/cybersecurity&link_location=live-reporting-story

https://www.securitymagazine.com/articles/88466-the-human-element-insider-behavior-

facilitates-cyber-attacks-erodes-business-trust

https://www.csoonline.com/article/3219165/it-careers/gartner-worldwide-information-security-spending-to-hit-93b-in-2018.html

2016 HIMSS Cybersecurity Survey:

“…two-thirds of respondents experienced a recent

significant security incident but reported only an average

level of confidence in being prepared to defend against

attacks.”

Why focus on Cybersecurity?

Don’t miss the release of the 2017 HIMSS Cybersecurity Survey

at the Cybersecurity Command Center.

Delve into education sessions that focus on the policies,

procedures, workflow, and management of secure and

private health information, as well as privacy and security

topics that emerge from the use of technology in the

clinical and business workflow.

About Privacy, Security & Cybersecurity

At HIMSS18, you will have the opportunity to:

HIMSS CHIME Cybersecurity Forum*Monday, March 5, 2018; 8:00am – 4:30pm

• The Modern Healthcare Cyber Era: Better and Smarter Solutions for Everyone

– Examine both challenges and solutions to equip you to work better and smarter in spite of resource constraints;

– Explore the current threat landscape, lessons learned from recent events, and best practices for healthcare organizations of all sizes.

– Explain what organizations are doing in light of recent, significant cyberattacks and how they plan to be prepared for the future

* Separate Registration Required

• 21 Educational Sessions Across Four days

– All located in one room (Marcello 4401) so that you

can go back to the same place each day

– November 15th – Session detail will be available on

www.himssconference.org

• Search by Topic, Title, Keywords, Speaker Name

General Education

General Education Sessions

Cybersecurity Sessions

Privacy Sessions

General Education Sessions (Cont.)

Security-Focused

Cybersecurity Command CenterCybersecurity Command Center allows for interactions with healthcare organization’s exploring

products and solutions to keep their provider information private and secure.

• Products and Services from 70+ Companies including:

• Privacy & Security

• Authentication Devices

• Compliance/Risk Management

• Privacy Protection

• Single Sign-On

• Consulting

• Outsourcing/Networking Solutions

• Cloud Computing

• Fraud Prevention

• Learn New Ways to Improve Your Organization's Security Posture

• Learn about Cutting-Edge Technologies and How to Best Prepare Your Organization to Defend Against Cyber Adversaries

• 60+ Learning Sessions to Enhance Your Knowledge on Today’s Most Pressing Cyber Issues

• Results of the 2017 HIMSS Cybersecurity Survey

Premier Sponsor:

Engage in Cybersecurity Challenges

Test your cyber skills and see how you rank against your peers with Cyber Security

Challenges. Sneak peak at several challenge topics:

Cylance "Threat Prevention" Challenge

• Think you know which endpoints are vulnerable to an attack? Join us for a "Threat Prevention" challenge to test

your endpoint security knowledge, and ensure you're doing everything you can to protect your organization and

your patients from cyberattacks.

Proofpoint

• Come take Proofpoint's cybersecurity challenge, featuring data from our recently launched Healthcare Threat

Report, to see how savvy your cyber knowledge is.

Sophos

• Every day, cybercriminals develop new and more sophisticated ways to get malware onto your network and

endpoints. Phishing is incredibly effective, while ransomware has proven itself to be lethal for organizations in

recent world-wide attacks like the Petya and WannaCry attacks. How ready is your organization to avoid falling

prey to the next emerging threat? Come take our Sophos cybersecurity challenge at the Cybersecurity

Command Center to test your skills and see how our next-gen solutions can keep your users and data safe.

Symantec

• Test your cyber skills and see how your rank against your peers with Symantec's Cyber Security Challenge

Join our Challenge Sponsors to View Solutions Around Privacy & Security

Fairwarning Cybersecurity Reception

Date: Tuesday, March 6, 2018

Time: 5:30PM - 6:30PM

Location: Cybersecurity Command Center

Open to HIMSS Cybersecurity and Privacy and

Security Community Members

Networking

Premier Sponsor:

Questions?

Thank you for attending!

• NIST Cybersecurity Framework, Version 1.1, January 10, 2017

– https://www.nist.gov/sites/default/files/documents////draft-cybersecurity-

framework-v1.1-with-markup1.pdf

Additional Resources

• Cyber-threat Information Sharing

– H.R.2029 - Consolidated Appropriations Act, 2016

• Division N: Cybersecurity Act of 2015 (S. 754, 114th Congress)

• Public Law No: 114-113, December 18, 2015

– https://www.congress.gov/114/plaws/publ113/PLAW-114publ113.pdf

• Sharing of Cyber-threat information among Federal and non-Federal Entities

– National Health Information Sharing & Analysis Center

• http://www.nhisac.org

• http://www.nhisac.org/initiatives

Additional Resources

HHS Cybersecurity Awareness Training, with Quizzes:

https://www.hhs.gov/sites/default/files/FY17Cybersecurity

AwarenessTraining.pdf

OCR Link to: OCR News Releases & Bulletins

https://www.hhs.gov/ocr/newsroom/index.html

Additional Resources