HealthBlawg

David Harlow's Health Care Law Blog

    • Twitter
    • Facebook
    • LinkedIn
    • RSS
    • Email
  • About
  • Archives
  • Podcast
  • Press
  • Awards/Reviews
  • HIPAA
  • HCSM

Cybersecurity and Healthcare Panel Discussion with Government and Industry Experts

March 3, 2017

I recently moderated the Second Annual Cybersecurity and Healthcare panel discussion, produced by HITECH Answers, with some all-star panelists: Mac McMillan, Lee Barrett, Bridget Wahlstrom and Iliana Peters. We discussed a range of current issues, and prognosticated about the future. Check out the video, below.

Here’s the introduction that I offered to set the stage for our conversation:

It seems that almost every day we read news of a new significant breach, a new ransomware attack, a new settlement with the HHS Office of Civil Rights. There are also other areas of concern for those of us who are employed by or who represent health care providers and their business associates in the health data realm – Federal Trade Commission enforcement, class action lawsuits, state attorney general actions and individual lawsuits based on state privacy laws.

But to get started today, let’s step back from these endpoints – the attacks, the exploits, the lawsuits, the enforcement actions, the fines, the compliance agreements, and talk about how we, collectively, can put our best foot forward, how we can do the right thing.

Yes, we need to be looking over our shoulders, metaphorically speaking, but for virtually my entire career, my mantra has been the practice of preventive law – as an attorney and advisor, I always seek to help my clients put systems and agreements in place that anticipate what might go wrong, thereby preventing at least most of the things that are likely to go wrong. I am sure that our panelists today have a similar mindset as well. I came across a reference to Donald Rumsfeld’s memorable phrase “unknown unknowns” earlier today, and this category of risks exists in healthcare cybersecurity as it does in military planning, but most of the significant risks out there are known. Even though these risks are known, we, collectively, the healthcare community, are not doing what we need to do, at the level we need to do it, in order to mitigate these risks.

For me, high on this list of insufficiently addressed risks are what I’ll call collectively “human factors” – staff who are taken in by social engineering of sophisticated hackers and click on those darn links in those darn phishing emails. Also: ransomware and other exploits enabled through the absence or improper configuration of security tools. These human factors bleed into apparent institutional indifference. How many academic medical centers must be hit with multi-million dollar penalties before all AMCs devote the attention – and the resources – necessary to close the gaps in their cybersecurity programs? Why aren’t other covered entities and business associates doing everything they need to do to maintain full compliance?

I hope you enjoy the webinar — get a cup of coffee, make yourself comfortable, and have a listen. Feel free to contact me with any questions you may have about HIPAA compliance and related cybersecurity issues.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting

Image credit: Blogtrepreneur via FlickrCC

Filed Under: Compliance, Digital Health, Health care policy, Health Law, Healthcare Innovation, HIPAA, HIT, Interview, OCR, Podcast, Privacy, Security

you might also like:

  1. Federal Health Care Cybersecurity Task Force Issues Recommendations for Industry

  2. Fred Trotter on Data Journalism and Cybersecurity — Harlow on Healthcare

  3. Cybersecurity Reports and HIPAA Chat Webinar

« MACRA Time: Value Based Payment Writ Large
ACA Medicaid Expansion Is Not a State Budget Buster »

Comments

  1. Carlos A. Leyva says

    March 9, 2017 at 3:41 pm

    It sounds like an interesting topic. One near and dear to my heart. I will cycle back and listen to the podcast when I have more bandwidth.

Trackbacks

  1. HITECH Answers: Meaningful Use, EHR, HIPAA News - Cybersecurity and Healthcare Panel Discussion with Government and Industry Experts says:
    March 13, 2017 at 7:22 am

    […] article was originally published on HealthBlawg and is republished here with […]

Follow me on Twitter

David Harlow 💉😷 Follow 43,510 17,460

Mastodon @healthblawg@c.im #HealthCare #MedDevice #Compliance #Privacy @MyOmnipod #HIPAA #digitalhealth #HarlowOnHC #pinksocks Tweets are tweets No more no less

healthblawg
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
6h 1665219373223616513

ICYMI> Stephen Williams, CMO of SomaLogic, on the Promise of Proteomics — Harlow on Healthcare https://healthblawg.com/2023/01/stephen-williams-somalogic-proteomics.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  Stephen Williams, CMO Twitter feed image.
Reply on Twitter 1665219373223616513 Retweet on Twitter 1665219373223616513 0 Like on Twitter 1665219373223616513 0 Twitter 1665219373223616513
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
13h 1665113709855776769

ICYMI> From EEGs to actionable clinical endpoints with Jacob Donoghue, MD PhD, CEO of Beacon Biosignals — Harlow on Healthcare https://healthblawg.com/2022/07/jacob-donoghue-beacon-biosignals.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  From EEGs to Twitter feed image.
Reply on Twitter 1665113709855776769 Retweet on Twitter 1665113709855776769 0 Like on Twitter 1665113709855776769 0 Twitter 1665113709855776769
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
20h 1665007971783376898

ICYMI> Lissy Hu, President of Connected Networks at WellSky — Harlow on Healthcare https://healthblawg.com/2023/01/lissy-hu-wellsky.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  Lissy Hu, President Twitter feed image.
Reply on Twitter 1665007971783376898 Retweet on Twitter 1665007971783376898 0 Like on Twitter 1665007971783376898 0 Twitter 1665007971783376898
Load More
Follow me on Mastodon

HIPAAtools

Hipaatools

The HIPAA Compliance Toolkit

The Walking Gallery

The Walking Gallery

Quick Links

  • Home
  • Categories
  • Archives
  • Podcast Interviews
  • HIPAAtools
  • HIPAA Compliance
  • Health Care Social Media
  • Speaking
  • In the Press
  • Blogroll

David Harlow

David Harlow

HealthcareNOW Radio

Connect with David

  • Twitter
  • Facebook
  • LinkedIn
  • RSS
  • Email
  • Subscribe
  • Contact
  • Book Me: Speaking
  • About
  • The Harlow Group LLC
Copyright © 2006–2023
HealthBlawg is a publication of The Harlow Group LLC. See Copyright notice and disclaimer.
Fair use with attribution and a link is encouraged. Click for more on David Harlow.
[footer_backtotop text="Back to top" href="#"]