Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Identity, Security and Healthcare

2,023 views

Published on

Healthcare businesses must balance the requirement to provide the necessary information practitioners need to deliver quality healthcare, with the pressing need to keep patient data private and secure. As more and more patient information moves online and mobile, healthcare organizations are rethinking the role of identity in ensuring that the right people get the right information when and how they need it.

Geoff Webb, Director of Solution Strategy with NetIQ presented 'Identity, Security and Healthcare' at the Heart of America HIMSS chapter event at Johnson County Community College on January 16th 2014. His presentation looked at the evolving trends of mobility, social identity, cloud, and security in the world of healthcare, and how you can start planning now to meet the needs of your organization today and in the future.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Identity, Security and Healthcare

  1. 1. #HOAHITSEC14 Identity, Security and Healthcare Geoff Webb Senior Director, Solution Strategy
  2. 2. Identity, Security and Healthcare Agenda – How does identity and the changing practice of identity management address the major challenges facing the healthcare industry today? •What are the challenges and risks? •How is complexity having an effect? •How does the concept of identity solve these problems? •Where 2 are we headed? © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  3. 3. Big Challenges Facing Healthcare • Demand • Financial • Role for healthcare is changing model is changing of the patient is changing • Healthcare itself is changing • Competitive • Role landscape is changing of government is also changing Source: Business Drivers of Technology Decisions for Healthcare Providers – Gartner December 2013 3 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  4. 4. In other words… a lot is changing, fast 4 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  5. 5. Change Increases Risk These changes increase complexity as well expectations among users of systems and patients. This “consumerization of expectation” is a significant driver of risk for organizations handling sensitive data, such as patient and employee records. 5 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  6. 6. Healthcare Breaches Overall Source: A Look Back: U.S. Healthcare Data Breach Trends - Health Information Trust Alliance (HITRUST) 6 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  7. 7. 94% 7 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  8. 8. Causes Of Breaches Source: Third Annual Benchmark Study on Patient Privacy & Data Security – Ponemon Research 8 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  9. 9. Type of Breach Source: A Look Back: U.S. Healthcare Data Breach Trends - Health Information Trust Alliance (HITRUST) 9 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  10. 10. A Changing Technology Landscape
  11. 11. Market Trends Driving Change Cloud Mobility Information Social ENTERPRISE 11 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  12. 12. Mobility On The Move Source: Third Annual Benchmark Study on Patient Privacy & Data Security – Ponemon Research 12 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  13. 13. Yet Much Remain Unsecured Source: Third Annual Benchmark Study on Patient Privacy & Data Security – Ponemon Research 13 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  14. 14. Consumer Cloud Poses A Risk 14 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  15. 15. Let’s Get Social 15 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  16. 16. More, More, More • More: – – Devices – Users and participants – Collaboration and sharing – Mobility – • Information Risk and penalties Less: – – Visibility – 16 Control Ability to say “no” © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  17. 17. Complexity All of the above is driving an explosion in complexity 17 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  18. 18. Cutting Through Complexity 18 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  19. 19. Identity Is The Key • Identity management is the key to safely unlocking the power of emergent trends such as: – Mobility – Cloud – Information use – Social Media • • 19 Good identity management improves outcomes and reduces risk And it’s cheaper… © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  20. 20. Building On The Power of Identity
  21. 21. What Is Identity Management? • Rapidly changing discipline that helps us define: – Who people are – What – What resources they should have access to – What • privileges they should have that access should be In order to: – Improve – Reduce 21 productivity risk © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  22. 22. The Bottom Line Identity Management ensures that the right people have access to the right resources and services at the right time, in the way they need it 22 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  23. 23. Changing Role Of Identity • Gone from highly IT-Centric to very business-centric • No longer owned by the IT organization • Increasingly reflects the more consumerized technology landscape and expectations of users 23 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  24. 24. Identity Ties Together • Relationships of people, process and information • Regardless • In 24 of technology a way that is secure and manageable © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  25. 25. Concrete Challenges • How do I get people access quickly? • How do I monitor what they are doing? • How do I reduce the risk from privileged users? • How do I know when I have been breached? • How do I report on who has access to what? 25 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  26. 26. The Blind Spot Employee Lifecycle Source: http://www.gophoto.us/key/human%20life%20stages 26 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.
  27. 27. The Blind Spot Risk Blind Spot 27 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  28. 28. Who Is The Risk? 28 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  29. 29. Mistakes Are Costly Source: Datalossdb.com 29 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  30. 30. Mistakes Are Costly Source: Datalossdb.com 30 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  31. 31. How Do We Solve These Issues? • Identity Context • Adaptive Access • Integrated Governance • Identity-Powered Security 31 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  32. 32. Integrated Identity and Access Lifecycle Powers the entire user lifecycle 32 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  33. 33. What Does This Look Like?
  34. 34. Employees Needs Access… • Self-service access request to healthcare applications • Web, cloud and enterprise single sign-on • Self-service password reset 34 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  35. 35. Managers Need to Manage… • A complete view of her people and resources • Ability to review and approve requests on-the-go • Better information to make access certification decisions, faster 35 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  36. 36. And Auditors Need Visibility • An Identity and Access Governance Platform • Record and review policies and policy violations • Analyze risk from unnecessary access rights • Limit and monitor the activities of privileged users to reduce insider risk 36 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  37. 37. Integrated Identity Management These capabilities derive from integrated, intelligent identity and access management that extends up to the cloud, incorporates mobile computing, and reflects the priorities and speed of business of healthcare professionals 37 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  38. 38. But Wait… 38 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  39. 39. Internet of EVERYTHING 25 billion and 1 trillion items by end of decade 39 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  40. 40. And EVERYTHING is going to want an Identity (which is a lot) 40 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  41. 41. Identity Powered Healthcare • Identity management will define your interactions with clinicians, partners, associates and patients • More devices, more data and more relationships that ever • More opportunities to personalize and respond than ever BUT – the demand for everything to have an identity will tax traditional thinking and approaches 41 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  42. 42. Next Up Welcome to Generation “I” 42 © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  43. 43. Recommendations • Evaluate how your organization uses identity • Plan to integrate identity and access management into the cloud and from mobile devices • Extend identity intelligence into your security management plans • Plan 43 to manage the impact of social identity © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. #HOAHITSEC14
  44. 44. Worldwide Headquarters 1233 West Loop South Suite 810 Houston, TX 77027 USA +1 713.548.1700 (Worldwide) 888.323.6768 (Toll-free) info@netiq.com NetIQ.com 44 © 2013 NetIQ Corporation and its affiliates. All Rights Reserved. www.netiq.com/communities

×