view the replay - fairwarning · 9/27/2017 · protecting patient information in the age of...
TRANSCRIPT
![Page 1: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/1.jpg)
View the Replay
![Page 2: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/2.jpg)
Speakers
Shellie Zavatsky Trent LongDirector of Internal Audit
at Hurley Medical
Center
Director of Managed Privacy
Services at FairWarning, Inc
![Page 3: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/3.jpg)
Agenda What are the new advanced threats to patient data?
Implications of global cybersecurity attacks to your organization
Response tactics to global cybersecurity attacks
Implications of terror to securing patient data
Response tactics to terror attacks
Implications of identity theft and fraud
Response tactics to identity theft and fraud
Driving threats out of your organization through technology and culture
![Page 4: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/4.jpg)
Protecting Patient Information in the Age of Advanced Threats
• Threats to patient data now include:
• Threats to patient information have advanced in a short amount of time
• Advanced threats require innovative tactics to secure patient data
• People Approach combining technology and training
Global Cybersecurity Attacks
Terror Identity Theft Fraud Drug AddictionBasic HIPAA Violations &
OCR Investigations
![Page 5: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/5.jpg)
Here’s Why We are Able to Obtain this Data
✓Global Customer Base
✓40% + US Market Share of Major Healthcare Providers
✓FairWarning®’s Managed Privacy Services (MPS) monitors over 500,000 healthcare provider employees and affiliates
✓MPS reviews thousands of potential incidents per month
✓Over 5,000 confirmed privacy and security incidents
![Page 6: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/6.jpg)
Global Cybersecurity Attacks
Here’s why it’s important to know• 2017 there’s been an increase in the number of
organizations affected by global cybersecurity attacks/terror
Here are the implications to your organization• Interrupt services to your healthcare patients
• Reputational Damage
• Business Continuity
Here is what we have seen• Hacktivist groups
• Compromised user credentials
![Page 7: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/7.jpg)
Response Tactics Global Cybersecurity Attacks
• Statistical Deviations
• Visualization
• Intelligent Filtering “Day to Day” or Forensically
• Behavior Analysis w/Machine Learning
• Network Compromise - Forensics Investigation of Clinical Apps & EHRs
• FairWarning Ready Information Security Partners
![Page 8: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/8.jpg)
Terror Attacks• Happens without notice
• Instantaneous worldwide media attention ‘Breaking News On CNN’
• Massive international curiosity over victims - patients
• Immediate escalation of patient and institutional risks
• Poor handling can jeopardize law enforcement, legal proceedings, and prosecution of the accused
![Page 9: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/9.jpg)
Response Tactics: Terror Attacks
• Privacy and Security “Partner”
• Every effort to proactively reach out to customers
• FairWarning® MPS Specialists Available
• Close partnership with our customers
• Comprehensive behavior analysis packages put in place to instantly monitor victims
![Page 10: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/10.jpg)
Identity Theft and Fraud
Here’s why it’s important to know• Widescale fraud and identity theft are prevalent at any
organization no matter the size or location
• Fueled by IRS tax fraud and medical identity theft
• Active identity theft criminal networks in major metros
• Has become business as usual for care providers
Here are the implications to your organization• Happens at a moment’s notice
• Local law enforcement, FBI, and Department of Justice investigate 3rd party tips that lead to the care provider
• $1.3 Billion strike force
Here is what we have seen• FairWarning® called in to meet highest stake cases
![Page 11: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/11.jpg)
Response: Identity Theft and Fraud
• Close Partnership with Customers
• Rapid Escalation Upon Detection
• Professional and Legal Documentation of Potential Incidents in the FairWarning® Platform
• Statistical Deviations
• Visualization
• Intelligent Filtering “Day to Day” or Forensically
• Behavior Analysis w/Machine Learning
• Dynamic Identity Intelligence
![Page 12: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/12.jpg)
Basic HIPAA and OCR Investigations
Snooping Remains a Challenge
Expanded Emphasis on Employees
OCR Requires Documented Appropriate Monitoring Program
Create Culture of Privacy and Compliance
Read more
Read more
Read more
Read more
![Page 13: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/13.jpg)
Under OCR Resolution Agreement
Upticks related to new behavioral analytics implemented
![Page 14: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/14.jpg)
Enterprise
Upticks related to new facilities acquired by covered entity
![Page 15: View the Replay - FairWarning · 9/27/2017 · Protecting Patient Information in the Age of Advanced Threats •Threats to patient data now include: •Threats to patient information](https://reader036.vdocuments.mx/reader036/viewer/2022071021/5fd558f196fdf35d0e574eb1/html5/thumbnails/15.jpg)
Mitigating Threats to Patient Data Through Technology and “People Training”
We want to note that the threats to patient data are mitigated through a combined approach of technology and training your workforce.
Culture of Privacy and Security:
▪ Executive Support - support from the CEO
▪ New hire HIPAA training
▪ Ongoing training with security incidents
▪ Employee accountability
▪ Dynamic Identity Intelligence