Cyber Security Program Manager – Sector Assurance
Department of Health and Human Services Victoria
12:00 PM Digital Healthcare Workshop: Guarding Your Patients, Hospital and Yourself from Cyber Attackers – How to Detect, Protect and Prevent Exploitation of Sensitive Records and Information
As healthcare shifts towards a digitised world with EMR and My Health Record and ease of access to big data, this opens up a new world with frightening possibilities as cyber attackers exploit sensitive information with surprising ease. The degree of risk is heightened by the fact that patient records (now so easily accessed online) must be 100% true for accuracy of diagnosis and treatment.
While going paperless has many benefits for the community and healthcare sector, the lack of privacy and security are becoming paramount. There is a dire need to raise awareness about cyber security threats to ensure clinicians, staff and hospitals have proactive and preventative measures in place.
Led by James Fell, a leading expert in cyber security from the Department of Health and Human Services, this interactive workshop will teach you how to raise awareness of cyber security threats such as social engineering and phishing emails and how you can decide on the best preventive approach in this current clinical environment.
Key Learning Outcomes:
- How to deploy a phishing solution for multiple different health services.
- How to truly raise awareness of cybersecurity through phishing campaigns including measuring success.
- How social engineering works in a healthcare environment which is inherently open to the public
- Why cyber hygiene is just as important as hand hygiene
3:50 PM CASE STUDY: Developing a State Wide Strategy for Cyber Security in Healthcare to Achieve Consistency and Minimise Risk
The Victorian Government recently invested $11.9 Million in their “cyber security program” – a 3 year state-wide collaboration between participating public health services. In this session, James will cover:
- How, 2 years into their program, they are uplifting the levels of cyber security in the public sector by applying non-traditional security models, frameworks and innovative models for cost to improve economies of scale
- Challenges around stakeholder engagement and working collaboratively to improve cyber security in a devolved governance model
- KPIs and targets set for improvement areas – allowing health services to benchmark and selfassess the impact of their practices
- Managing data taken from the self-assessments and reassessments conducted by the State Government – challenges around improving visibility, transparency and coherency of data
Integrated healthcare ecosystems with shared information across medical devices and an interoperable electronic health record (EHR) system allow for continuous care and remote management. However, interoperability introduces significant data privacy and security concerns for all healthcare providers. Discussion points will
- The challenges of detecting inappropriate access to patient data in EMR systems and devising appropriate strategies to strengthen cyber security defences
- Appreciating the revenue and reputational risks as a result of data breaches and how this will impact patients and their families
- Real-time auditing of systems to promote quick detection
- Reflecting on recent case studies