Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

MiHIN Cyber-Security Panel Agenda


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

MiHIN Cyber-Security Panel Agenda

  1. 1. MICHIGAN HEALTH INFORMATION NETWORKCyber Security Panel Discussion – June 20, 2012
  2. 2. CYBERSECURITYPANELAGENDA2Cyber Security Panel DiscussionAgenda1. Setting the stage – by the numbers2. Opening remarks3. Panel challenges4. Audience questions
  3. 3. WHOSTILLTHINKSFAXANDMAILARESECUREORRELIABLE?Why are security and identity protection important in HIT?3
  4. 4. A1915LETTER,SENTJUSTTOANAMEINAMICITY….Simple data-based identities4
  6. 6. BUTWHENITLOCKSMEOUT,ITREALLYLOCKSMEOUT…Two-factor/Dual/Mutual/Multiple Authentication6
  8. 8. EXCITINGTOSOME,VERY,VERYDISTURBINGTOOTHERS….Physical Alteration Identification8
  9. 9. BREACHESANDIDTHEFTCANUTTERLYDESTROYLIVES….What can be the results of a breach?9
  10. 10. WHATISTHETOTALCOSTOFBREACH?What does a breach cost these days?• Learning of breach (patient, 3rd party, internal investigation, news)• Repairing breach ($17 million total for BCBS-TN)• Cost of investigation (people, time, equipment; externalinvestigators; forensics; legal discovery)• Notifications (those potentially affected, L/S/F authorities)• Remediation• Ongoing prevention (monitoring, upgrades, training, audits,assessments) – cost to prevent vs. risk/cost of exploitation• Cyber liability insurance (tens of thousands $/year)• Fines & settlement ($1.5 million for HITECH breaches, AG settlements)• Class action claims ($1,000 per patient in California)• Legal fees (pay even if you “win”)• Balance Sheet and Income Statement• Intangible/loss of market goodwill ($ M’s)• Loss of customers/revenues ($ ???’s)• Impact on patients• Loss of trust• Human cost - permanent effects upon lives and livelihoods10
  11. 11. ANDHERETHEYARE:OURSECURITYPANELISTSOpening Remarks – the Panelists• Gina Bianco-Perez: President, Advances In Management• Peter Alterman: Senior Advisor to NIH CIO for StrategicInitiatives• Ross Roberts – Information Assurance PM (IAPM) and HIPAASecurity Officer for the U.S. Army Medical Command(MEDCOM) and Office of The Surgeon General• Mick Talley – SEMHIE Director, Treasurer, and ProgramManager for SSA E-Disability E-Filing contract• Randy Frank – Internet2 Sr Dir. New Business Development11
  12. 12. DURINGTHISPARTWECANDISAGREE!Challenge 1: What is the worst aspect of a security breach?Challenge 2: What do you think are the three single mostimportant issues in IT security today?Challenge 3: What emerging trends do you see in IT securitythat keep you awake at night?Challenge 4: Standards, standards everywhere. But HOW?Challenge 5: Testing before production? In health care?Challenge 6: What are the business models for security in HIT?12Panel Challenges – 10-15 minutes
  13. 13. DURINGTHISPARTWEHAVETOBENICETOEACHOTHERAudience Questions – 10-15 minutesRules:1. If your initials are called, please be prepared to clarify yourquestion for the panel2. If you disagree with the panel’s response to your questionor want to add to their response you may have one minutefor rebuttal after the panelists answer your question3. Please be nice until the break!13
  14. 14. WESINCERELYAPPRECIATEYOURTIMEANDATTENTIONCLOSING and THANK YOUSecurity: It is no laughing matter, but we hope you had fun and learnedsomething todayIf you have additional comments or suggestions, please email them tosecurity@mihin.orgFor positive comments about this panel session, please email my boss, TimPletcher, pletcher@mihin.orgFor complaints about this panel, please emailcustomerservice@yahoo.comThank you for your time and attention!Jeff Livesay, livesay@mihin.org14