Episode #1: You Are the Next Target

So here’s what keeps me up at night:   The neighbor’s barking dog. The stray firecracker that goes off at 2:30. And Patients.  Millions of patients.  And when I say patients, I really mean people.  Millions of people whose most intimate details… their stories…have been laid bare for the world to see on behalf of the highest bidder.  Millions of people who have to wonder who knows about their recent bout of depression.  Or who knows about their history of high blood pressure and their medication for it?  What about that cancer scare?  And if that isn’t enough, that these people have to wonder, whose got my social security number?  How many accounts have been opened in my name?  How many purchases made with my credit? 

Collectively, we have to wonder if we can ever be truly secure?  Are our physical and virtual lives irreversibly intertwined? Is the idea of privacy even a valid concept anymore?  These questions, for which there are no easy answers, are some of the things that keep me up at night. I bet they keep you up too.  

So here’s what keeps me going each day.  For every malicious hacker, there is a white-hatted one.  For every attack on a server, there is a dedicated IT security professional ready to respond.  For every malicious line of code, there is one created to defend against the malice.
So how do we respond?  How does the health care sector deal with the cybersecurity issue?  Who do we look to for leadership and guidance through the battles ahead of us?   

Welcome to HIMSS’s new health IT cybersecurity podcast, Code Red.  Code Red focuses on cybersecurity challenges facing health care today & tomorrow, featuring the voices of the people on the front lines. The goal of the podcast is to explore the interplay between the people, processes & technologies that make up an organization’s cybersecurity posture from both a leadership & skills-based perspective.

In this episode we will discuss the existential threat of cybersecurity attacks in the age of ubiquitous digital health and the range of current cyber-security threats. We’ll talk to HIMSS Privacy & Security Committee member, Ram Ramadoss, Vice President – Privacy, Information Security & EHR Oversight at Catholic Health Initiatives, the nation’s third-largest nonprofit health system.  

-Rod Piechowski (Host)

This Episode’s Guest: 

Ram Ramadoss
Vice President, Privacy, Information Security & EHR Oversight
Catholic Health Initiatives

Member-Cybersecurity Task Force, Department of Health & Human Services
Learn more about Ram: https://www.linkedin.com/in/ramramadoss
Follow Catholic Health Initiatives on Twitter: @CHI_Updates
More on Catholic Health Initiatives: http://www.catholichealthinitiatives.org/


This Episode's Transcript

Read it here


This Episode’s News:

2016 HIMSS Cybersecurity Survey Results
Download a copy of the 2016 HIMSS Cybersecurity Survey results.  

Cybercriminal TheDarkOverlord stole more patient records and medical images than originally thought, InfoArmor reports
The hacker broke into organizations on the HL7 network, the security firm has found, and has since put those records up for sale on the dark web. The security firm also said TheDarkOverlord is actively looking for more servers to hack in healthcare.  Read more

Informatics experts offer guidance for defense against ransomware
As ransomware attacks continue to increase, healthcare stakeholders across the board are going to have to step up their efforts both to prevent and recover from security incidents as quickly as possible.  In an attempt to move those efforts forward, Dean Sittig, a professor at the University of Texas School of Biomedical Informatics, and Hardeep Singh, MD, chief of the Health Policy, Quality and Informatics Program for the Department of Veterans Affairs, recently wrote "A Socio-technical Approach to Preventing, Mitigating, and Recovering from Ransomware Attacks.”  Read more

Read the whitepaper “A Socio-technical Approach to Preventing, Mitigating, and Recovering from Ransomware Attacks

This Episode’s Hashtags: 

#HITSecurity, #HITworks, #Ransomware, #YouAreTheNextTarget

This Episode’s Promo:

Healthcare Privacy & Security Forum
The Privacy & Security Forums are two-day conferences, presented by HIMSS Media, held around the nation, with a specific focus on current industry topics. Register for the December 2016 Healthcare Privacy & Security Forum in Boston, Massachusetts.