GNYHA & Cybersecurity › wp-content › uploads › 2018 › 05 › 5-Logan-_G… · Attention at Federal level Cybersecurity Act of 2015 Health Care Industry Cybersecurity (HCIC)
Post on 25-Jun-2020
0 Views
Preview:
Transcript
GNYHA & CYBERSECURITYApril 26, 2018
□Cybersecurity concerns expand as industries modernize
□Healthcare sector has gone digital, largely insecurely
□ Greater than 95% EHR utilization exposed to threats emanating
from employees to sophisticated cybercriminals
□ $$ for PHI on the dark web
□ Ransomware most common attack vector
□ Lost revenue and reputational damage for impacted facility
Overview: Cybersecurity in Healthcare 2
3
4
□Attention at Federal level □ Cybersecurity Act of 2015
□ Health Care Industry Cybersecurity (HCIC) Task Force Report
□ CISA 405(d)
□Attention from NYS□ NYS DOH Medicaid increased security to
protect sharing of Medicaid data
□Attention in NYC □ NYC CISO/DA/NYP Cyber Command
Overview: Cybersecurity in Healthcare 5
Graphic from CISA 405(d) draft report
□ Agency Players:
□ Preparedness (ex. DHS, HHS)
□ Response (ex: FBI, NYPD)
□ Recovery (ex: DOH, DHS)
□ Regulatory (ex: CMS/OCR)
Overview: Cybersecurity in Healthcare 6
Graphic from HCIC Task Force Report 2017
□ Interdisciplinary team model:
□ Emergency preparedness
□ Legal
□ Health information technology
□ Regulatory
□ Supply chain
GNYHA & Cybersecurity 7
□Past and Existing Programs & Resources:
□ (Event) GNYHA & NYCDOHMH Emergency Preparedness
Symposia/Cybersecurity: Included CIO of Hollywood
Presbyterian Medical Center discussing ransomware attack
□ (Event) GNYHA & DHS Tabletop Exercise
□ (Resource) Hospital Guide to Cybersecurity
Reporting/Resources
□ (Business Offering) Cybersecurity Targeted Solution Set
GNYHA & Cybersecurity 8
9
□Events & Resources Continued –
□ (Event) Threat Briefing with DHS
□ (Event) Erie County Medical Center shares Lessons
Learned from Cyber Attack
□ (Event) Cyberattack at the Bedside: Live Simulation for
Clinicians
□ (Event) Cybersecurity Webinar with Drs. Halamka and
Baker
GNYHA & Cybersecurity 10
□Upcoming Events and Sharing of Relevant Information
□ (Event) Cybersecurity Tactical Simulation (CTS) with vendor
Sensato
□ (Event) Cybersecurity Insurance Webinar
□ (Member Info) Cybersecurity Bulletin: GNYHA Cyber Team
continues to send relevant cyber alerts and recommendations
GNYHA & Cyber 11
□What are your biggest concerns related to cybersecurity
preparedness and response?
□Who is involved in planning efforts at your facility/system?
□How can GNYHA assist your facility/system in this area?
Conclusion & Suggested Next Steps12
Logan A. Tierney Project Manager, Regulatory and Professional Affairs GREATER NEW YORK HOSPITAL ASSOCIATIONphone: 212.554.7207email: ltierney@gnyha.org
top related