cybersecurity 101 for ophthalmology & physician practices
TRANSCRIPT
Cybersecurity 2016Ravi D Goel, MDRegional Eye Associates, Cherry Hill NJClinical Instructor, Wills Eye Hospital
2
The good old days
3
The good old days
CCHPIROS
VAIOP
AnteriorSegment
Testing
PosteriorSegment
A/P
EMR 2016
ICD9 ICD10
6
PQRS Measures 2016
7
IRIS Registry
8
Meaningful Use & Security Risk Assessment
9
Meaningful Use & Security Risk Assessment
10
Security Risk Analysis• Pearl #1 – Define Scope of Security Risk Analysis
• Pearl #2 – Gather data
• Pearl #3 – Identify potential threats
• Pearl #4 – Assess Existing Security Measures
• Pearl #5 – Determine Likelihood of Threat Occurrence
• Pearl #6 – Determine the Level of Risk
• Pearl #7 – Identify and Document Improved Security Measures
CMS HIPAA Security Series (2007)
11
“Reveton” cryptolocker ransomware (2012)
wikipedia (Sophos screenshot - for identification andcritical commentary relating to the website in question)
12
“Locky” cryptolocker ransomware
(Sophos.com screenshot - for identification andcritical commentary relating to the website in question)
13
? Spear Phishing
14
Craigslist
15
Hollywood Presbyterian Medical Center
wikipedia (Junkyardsparkle)
16
Hollywood Presbyterian Medical Center - $17k
wikipedia (Kangasbros)
17
T. Boone Pickens cybersecurity?
18
T. Boone Pickens cybersecurity = Yellow NotePad
19
Cybersecurity – Top 10 Tips in Health Care
20
Cybersecurity – Top 10 Tips in Health Care
21
Cybersecure – Your Medicare Practice
22
Cybersecure – Your Medical Practice
23
Cybersecure – Your Medical Practice
24
Cybersecure – Your Medical Practice
25
“Locky” cryptolocker ransomware (Paul Ducklin)
(Sophos.com screenshot - for identification andcritical commentary relating to the website in question)
26
Ravi’s Practical Pearls 2016
• Pearl #1 – Who is your IT guy? Could you text him right now?
• Pearl #2 – Who backs up the data? How often? On-site or off site?
• Pearl #3 – Does your team use internet from desktops or server?
• Pearl #4 – Are all mobile devices encrypted? Wifi secure?
• Pearl #5 – How often is your security software backed up?
“If there is no downside,there is an inherent upside.”
Malik Magdon-Ismail, PhD (Caltech)Professor of Computer Science, RPI
Thank you!