Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Loss and Prevention: Securing Hospitals from Data Breach through End Point Security NJHIMSS Security, Privacy and Compliance Taskforce Tom Bartiromo.

Published byJulius Randall Modified over 8 years ago

Similar presentations

Presentation on theme: "Data Loss and Prevention: Securing Hospitals from Data Breach through End Point Security NJHIMSS Security, Privacy and Compliance Taskforce Tom Bartiromo."— Presentation transcript:

1 Data Loss and Prevention: Securing Hospitals from Data Breach through End Point Security NJHIMSS Security, Privacy and Compliance Taskforce Tom Bartiromo Saint Barnabas Healthcare System, VP & CTO Livingston Services Corp, VP & CIO Co-Chair Vikas Khosla BluePrint Healthcare IT President and CEO Co-Chair vikas.khosla@blueprinthit.com November 23, 2010

2 Data Loss and Prevention: Securing Hospitals from Data Breach through End Point Security Moderator: Mike Maksymow, MBA/TM, CPHIMS Director, Information Services & Telecommunications Robert Wood Johnson University Hospital Hamilton Speakers: Hussein Syed Director, IT Security Saint Barnabas Healthcare System Phillip Curran Chief Information Security Officer Cooper University Hospital

3 Data Loss and Prevention: Securing Hospitals from Data Breach through End Point Security Agenda  Three areas of endpoint security  Endpoint health  Data security  Data Loss Protection/Prevention (DLP)  Endpoint Security Lifecycle Management  Helpful Links

4 Three areas of endpoint Security Endpoint health Data security Data Loss Protection/Prevention (DLP)

5 Endpoint Health What ?  Anti-Virus/Spyware  Malicious Code/poorly developed programs  Advance Persistent Threats (APT)  End User Misuse Why?  To prevent uninterrupted service  Data breach/exposure  Regulatory compliance  Loss of reputation  Financial impact Challenges  Awareness/Education  Cost justification  Support cost  Management Awareness  Metrics

6 Data Security What ?  Endpoint encryption  Removable media encryption  Asset tracking Why ?  To prevent unauthorized access  Breach notification exemptions Challenges  Adoption  Password/Key management  Endpoint performance  Cost

7 Data Loss Protection/Prevention (DLP) What?  Data at rest  Data in motion  Data in use Why?  Unauthorized access  Data accounting and classification  Visibility Challenges  Now you know, must do something  Business units’ buy-in

8 Endpoint Security Lifecycle Management Governance & Management  Policies  R&D to develop an acceptable solution  Intra-department collaboration  Marketing of security programs Operations  Maintenance of infrastructure  Incident handling

9 Useful Links  2010 HIMSS Security Survey http://www.himss.org/content/files/2010_HIMSS_SecuritySurvey.pdf  Ponemon Institute Data Security, Breach and Prevention Whitepapers and Reports http://www.ponemon.org/data-security

Download ppt "Data Loss and Prevention: Securing Hospitals from Data Breach through End Point Security NJHIMSS Security, Privacy and Compliance Taskforce Tom Bartiromo."

Similar presentations

©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals Visions for 2010 Anna Russell & Andy Clark.

©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals Visions for 2010 Anna Russell & Andy Clark.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
Security Controls – What Works

Security Controls – What Works
Session 3 – Information Security Policies

Session 3 – Information Security Policies
© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.

© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.
Obtaining, Storing and Using Confidential Data October 2, 2014 Georgia Department of Audits and Accounts.

Obtaining, Storing and Using Confidential Data October 2, 2014 Georgia Department of Audits and Accounts.
Www.searchinform.ru Comprehensive DLP Solutions in Large Geographically Dispersed Companies.

Comprehensive DLP Solutions in Large Geographically Dispersed Companies.
August 21-24, 2007 Privacy and Security Leaders as Partners in Patient-Centered Care Presented by Samuel P. Jenkins, FACHE Director, Defense Privacy Office.

August 21-24, 2007 Privacy and Security Leaders as Partners in Patient-Centered Care Presented by Samuel P. Jenkins, FACHE Director, Defense Privacy Office.
Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.

Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.
Information System Security Plan Steps. STEP ONE – Understand the A sset Philosophically, we believe that “security should follow data” But we know that.

Information System Security Plan Steps. STEP ONE – Understand the A sset Philosophically, we believe that “security should follow data” But we know that.
A NASSCOM ® Initiative DSCI-KPMG Survey 2010 State Of Data Security and Privacy in the Indian Banking Industry Vinayak Godse Director- Data Protection,

A NASSCOM ® Initiative DSCI-KPMG Survey 2010 State Of Data Security and Privacy in the Indian Banking Industry Vinayak Godse Director- Data Protection,
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
About Safend ► Venture capital backed by: ► Experienced management team ► Top talent researchers and security experts ► Customers in the forefront of security.

About Safend ► Venture capital backed by: ► Experienced management team ► Top talent researchers and security experts ► Customers in the forefront of security.
Enterprise Computing Community June 13 - 15, 2010February 27, 2010 1 Information Security Industry View Linda Betz IBM Director IT Policy and Information.

Enterprise Computing Community June , 2010February 27, Information Security Industry View Linda Betz IBM Director IT Policy and Information.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.

1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.

Similar presentations

Ads by Google