3 min read
First annual Paubox SECURE Conference tackles big digital health security topics
Rick Kuwahara November 03, 2017
Most digital health conferences focus on innovation and security is usually relegated to a sub topic. But with more and more cyber attacks targeting healthcare, Paubox SECURE put digital health security front and center. Unlike other conferences that are thinly veiled pitches for products, Paubox SECURE focused on delivering in-depth talks and panels that goes beyond a quick Google search. Here are key takeaways from the packed afternoon agenda.
Keynote: An Anatomy of a Ransomware Attack
Paubox Founder CEO Hoala Greevy kicked off the conference with a look at one of the biggest outside threats to healthcare security - ransomware. Email was revealed to be the biggest cause of breaches in 2017 according to the reported breaches to the U.S. Department of Health & Human Services (HHS). That has led to some big fines that reached over $100 million total in 2017 and 2016, a drastic penalty compared to similar breaches in other sectors like financial services.
Ransomware at a glance
We wrote more in depth about ransomware in a previous post, but Hoala went beyond the surface to dig into technical reasons why ransomware is so effective and how to protect against it. One highlight was how anti-virus signatures don't work in protecting against ransomware. Modern ransomware changes its signature hash every 58 seconds, which outpaces anti-virus vendors' ability to keep up.
The future of ransomware protection
Hoala wrapped up his presentation with a look into the future of ransomware. Machine Learning will play a big part in advancing security by being able to learn and prevent potential attacks on the fly. Making the process of registering a domain more secure will also help to prevent registration of domains with trademarked names, a key tool in phishing attacks.
The Future of AI and Machine Learning in Healthcare Security
Anya Schiess of Healthy Ventures, Greg Reber of AsTech Consulting, and Brent Newhouse of Qventus, made up a fantastic panel that explored the topics surrounding one of the hottest tech trends - artificial intelligence (AI) and machine learning. The discussion explored the possible applications of machine learning to healthcare, some of the impediments to adoption and how data plays a big role in the effectiveness of any solution. Some exciting applications for machine learning discussed were:
- Clinical decision making
- Lead qualification for drug testing
- "End point protection is a big focus now. The end points keep getting further out." - Greg Reber
But it was noted that any application of machine learning will only be good as the data it can look at.
- "Data is the bottleneck." - Anya Schiess.
- "Getting the data out is extremely challenging in healthcare." - Brent Newhouse.
- Having clean data is an issue because majority is from manual entry
- Lack of uniformity in format
Fireside Chat: Surviving a HIPAA Audit
Bluegrass Biggs, Founder & CEO of BiggsB, joined Hoala on stage to share his knowledge of how to best stay HIPAA compliant. Pulling from his 15 years of experience in consulting on regulatory compliance issues, Bluegrass shared some great takeaways:
- "The #1 thing you can do is create a Wiki page with the contact info of your HIPAA officer, then send that link to everyone." - Bluegrass Biggs
- It's never too early to start a plan
- Use templates as a way to jumpstart compliance documentation
Health IT Security in a Digital World
Shawn Savadkohi of San Mateo County Health System, Lin Wan of Stella Technology, and Nick John of Redox took the stage for the final panel of the afternoon. The discussion didn't disappoint as the anchor for the afternoon. Topics included the difficulty in adopting new technology while maintaining security, challenges vendors have in entering healthcare, managing those relationships and more. It was engaging to hear the panel discuss the topics from their varying view points of a provider, vendor and integrator of healthcare. Here are some quick takeaways:
- "We're about providing patient care, not just using cool technology." - Shawn Savadkohi
- "Almost every state has different patient consent rules." - Lin Wan on the difficulty of interoperability.
- "There are big implications to making mistakes in Healthcare IT." - Nick John
- “One of the challenges of the industry are that standards are interpretable." - Nick John
- “For me, third party vendor management for security is really critical." - Shawn Savadkohi
A Wake for the Fax Machine
No event from Paubox would be complete without something fun, yet topical. So we had a memorial for our dear friend the fax machine during our Networking Reception hosted by Atlantic.Net. Hoala started off the wake with a eulogy and attendees shared their memories of the fax machine. Others wrote down their well wishes on cover sheets and put them on a remembrance board. RIP fax machine.
Looking to next year
We're still gathering feedback from attendees and speakers, but the initial feedback has been raving. And it was all centered around the quality of our speakers and the depth of the discussion on the topics we covered. We'll keep that focus for 2018 and deliver another great conference.
Want to be notified of the next Paubox SECURE? Then just subscribe below.
Subscribe to Paubox Weekly
Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.