Wow… that was a great session!
Telehealth seems to have put healthcare security in center stage - with connected medical devices, virtual visits, and more… however, it also uncovered some burning issues that have been around for some time .
Eddie Mize said:
“As they were tightening up security and compliance around Telehealth they were uncovering vast amounts of Shadow IT. For example, a psychiatric department was video recording their session, saving it unencrypted, and then sending it in clear text across email. This was not related to the pandemic and was going on for several years… ”
We had some really good discussion about “HIPAA relaxation”, is it really being relaxed or not at all, and what are the exceptions.
We then moved on to connected medical devices, seems like this is not a new topic. Dick Cheney had the wireless disabled on his pacemaker many years ago. As IOT medical devices are becoming the norm, new companies are rapidly creating new innovative devices. However, are they going out to market before they are secure and should the government introduce new regulations?
We also spoke about DevSecOps and how it can help bridge that gap. And about what we are getting right, policies and procedures, the human element, and much more.
And thanks to Wizer’s hacker, Chris Roberts who did an amazing job moderating this webinar and to panelists:
- DJ McArthur - Information Security Director (CISO) at Childrens Hospital Colorado
- Amy (Harrison) Scites - Adviser, IT Risk & Policy at Cardinal Health
- Andrew Labbo - Principal and Owner of RMHG
- Eddie Mize - Chief Security Officer/Vice President - Information Security at The Pinnacle Group Companies
- Aaron Bregg - Director of Professional Outreach at Cloud Security Alliance West Michigan and Lead Security Analyst as Spectrum Health