The Doctor will Text You Now: Security and Risk with Electronic Transmission and Exchange

Dr. Evil Goes Mobile. The Doctor will Text You Now: Security and Risk with Electronic Transmission and Exchange. 2012-09-25, Steve Goldsby. Agenda: Introductions, Mobile & Security Statistics, Implications for Your Organization, Discussion, Free Love, Q&A.

marcel

Presentation Transcript


  1. Dr. Evil Goes Mobile • The Doctor will Text You Now: Security and Risk with Electronic Transmission and Exchange • 2012-09-25 • Steve Goldsby

  2. Agenda • Introductions • Mobile & Security Statistics • Implications for Your Organization • Discussion • Free Love • Q&A

  3. Introductions

  4. Introductions • You • Your organization (name, size, location, etc) • Using mobile? Challenges? • Maturity of Security Program • Experienced a breach in 2011/2012?

  5. Mobile Security & Statistics

  6. Ponemon Study + • Ponemon's second annual Benchmark Study on Patient Privacy and Data Security. • DataLoss DB • Whitepapers & Gov’t data

  7. Stats from

  8. Stats from

  9. Ponemon Study

  10. About the Benchmark Sample

  11. Healthcare Data Breaches up 32% • Has your department suffered a data breach involving the loss or theft of patient data?*

  12. Mobile & People Biggest Problem • Nature or root causes of the data breach incident

  13. Hope is Not a Strategy • Does your organization use any of the following security solutions or procedures to safeguard patient data contained on mobile devices?

  14. Pay Me Now or Pay Me Later… • What best describes the negative impact of data breach experienced by your organization? • 81% report time and productivity loss from breach

  15. Pay Me Now or Pay Me Later… • What best describes the economic impact of breach incidents experienced by your org? • $2,243,700 is estimated financial impact of data breach per organization

  16. Implications for You & Your Patient

  17. Implications • Incident cost: $2,247,700 per incident • Brand damage: $113,400 per patient • Legal: $249,290 per incident • Patient Collateral Damage: Identity + Medical ID theft • Opportunity cost: Cleanup time is not delivering value • Organizational Brain Damage / Involuntary Turnover

  18. Discussion

  19. Discussion • Have you been impacted by PHI leak? Mobile? • Do you know anyone? Mobile? • How are you using mobile? • Dedicated vs BYOD? • What security controls do you have in place? • What are biggest hurdles to successfully securing PHI? • How are you assessing risk?

  20. Free Love

  21. Free Love • Risk Assessment (+ likelihood + cost determination) • Privacy rule prescribes it • Due Diligence and Due Care • Cyber insurance • Optimize Spend • Policy + Training (with Anecdotes)

  22. USB Sticks

  23. Tailgating, Intrusion, Pretext

  24. Free Love • No BYOD ever • Deliver organic capability • Dedicated assets with strict control • PHI Management Strategy • PHI lifecycle management • Provision through Disposal

  25. Free Love • Technical Controls - Strategic Implementation • USB Control (physical + technical) • Whitelisting Mobile Configurations • A/V & HIPS • Passwords • Encrypt all storage (FDE) • Remote Brick • DLP + Proactive Data Management

  26. Q&A?

  27. References • Ponemon - Second Annual Benchmark Study on Patient Privacy & Data Security http://www2.idexpertscorp.com/assets/uploads/PDFs/2011_Ponemon_ID_Experts_Study.pdf • The 5 (PHIve) steps you can take now to protect PHI http://www.govhealthit.com/news/5-phive-steps-you-can-take-now-protect-phi • Open Security Foundation - Dataloss DB http://datalossdb.org/
