February 19 – 23, 2017
Orange County Convention Center | Orlando, Florida
Welcome to our HIMSS17 page where we will communicate all things related to the upcoming annual HIMSS conference in Orlando. Check back often, as events leading up to HIMSS will be updated regularly.
Case Study: Making the Right Investment in Security
Tuesday, February 21st
2:30 – 3:30pm
Tangerine Ballroom, F4
VP and CIO
Tallahassee Memorial Healthcare
Co-Founder and CEO
2016 brought multiple high-profile breaches and cyberattacks, including many that disrupted healthcare organizations’ ability to provide basic care. With a plethora of highly-automated, information-reliant technology being used in healthcare organizations nationwide, the industry simply cannot afford not to invest in security measures that protect both their businesses and their patients. Presenters will explain to attendees that mere HIPAA compliance does not constitute a comprehensive privacy and security program and describe how OCR can and should offer guidance for providers in knowing what, where, when and how to invest in security to meet evolving threats and demands. More importantly, presenters will discuss what healthcare organizations should be doing today to ensure they are making the right investments in data security drawing from a real-world case study.
- Assess the current healthcare security landscape and efficacy of the enforcement environment
- Describe what efforts are required by OCR to encourage provider due diligence in security
- Calculate appropriate provider investment in security infrastructure
- Identify best practices for security investment and cyber defense drawing from a case study
Balancing Patient Privacy with Patient Engagement Efforts
Wednesday, February 22nd
11:30am – 12:30pm
Mercy del Ray
Chief Privacy Officer
Baptist Health South Florida
VP, Compliance Strategies
Healthcare organizations are facing significant challenges aligning their business practices to keep up with shifting federal requirements to provide patients increased control of their medical records and directing healthcare providers and payers to share patient health records. OCR has aggressively pushed the boundaries to the Patient Right of Access, amendment and sharing of their health records. As one OCR leader put it, “whatever the patient wants to do with their information, it’s her right to have it and to have it in the form or format that she wants it.” This session will identify the key drivers of federal policy empowering patient control and access and explain how organizations can leverage these drivers to adopt policies and processes that meet these requirements as well as the expectations of patients. It will also examine information security issues that organizations should consider to ensure they have appropriate safeguards in place.
- Identify key drivers of federal policy empowering patient control and access to their health records
- Evaluate current OCR guidance on patient access to health information and sharing with third parties
- Describe best practices for giving patient choices in accessing and sharing their health information
CynergisTek will be hosting Booths 2093 and 1734 in the exhibition hall, along with Auxilio and RedSpin. Stop by during the event to learn more about our recent acquisition by Auxilio, meet with our team and discuss your organization’s privacy and security concerns. Team members who will be present at HIMSS17 include:
- Harry Martin, VP Sales and Marketing, Auxilio
- Jason Hansen, Vice President of Business Development, Auxilio
- Adam Hawkins, VP of Sales, CynergisTek
- Matthew DiMatteo, Director of Client Services, CynergisTek
- Melody Crosby, Director of Client Services, CynergisTek
- Bonnie Bottini, Director of Client Services, CynergisTek
- Trish Alexander, Director of Account Management, CynergisTek
While there, you can also watch a hacking demo by our Sr. Penetration Tester John Nye or play our interactive phishing game (see below for details).
Come see John Nye the Hacking Guy (CynergisTek’s Sr. Penetration Tester John Nye) demonstrate the latest tools and techniques that are being used by hackers to gain access to sensitive data. He will also discuss how to keep data safe and the steps that should be taken to improve security and decrease the risks.
Demo 1: Wireless Worries
Today’s technology has been striving for a single purpose for some time: freedom from wires. In that pursuit our devices – whether they be a phone, computer, watch, or even BlueTooth headphones – have become more and more reliant on wireless signals. These wireless signals we rely on vary in their safety and types. The most common is WiFi, which we use daily at work, home, and sometimes out and about. Unfortunately, there is not nearly the amount of security that our general confidence suggests. Wireless networks are a great method for attackers to gain critical information, access to systems, and even the keys to the kingdom if they play their cards right.
In this demo, we will review some of the wireless attacks that could be used against you and your organizations using some of the latest tools available.
Demo 2: Mobile Devices and Portable Hacks
It is very easy to limit the category of mobile devices to our mobile phones. While the tiny computers we carry with us everywhere are mobile devices and have some serious security and safety implications, they are not alone in this category. Laptops, tablets, hybrid devices, smart watches, and maybe even your car are all also mobile devices. Traditionally (a funny term to use when discussing IT), we have relied on perimeter security to keep our devices safe. However, we no longer live in an age of borders.
This demo will demonstrate some of the techniques and devices that attackers can use to compromise mobile devices while they are out of the border and how they can be used to bring back the attacks.
Demo 3: The Problems with Wetware
Wetware, better known as people or users, are not only the sole reason that we have IT, they are the biggest security issue there is. People, even the best and the brightest, make mistakes. These mistakes can cost us, and our organizations, dearly. People fall for scams because they want to help. Phishing and social engineering attacks work so well because of our human nature and desire to be helpful.
In this demo, we will discuss some of the tactics that attackers use to exploit the wetware that your organization relies upon. We will also discuss a few ways to help users be better prepared for scams and attacks and how we can test their response to simulated attacks.
|Date||Wireless Worries||Mobile Devices||Wetware|
|Monday, February 20th||11:30am – 12:00pm||2:30 – 3:00pm||4:30 – 5:00pm|
|Tuesday, February 21st||2:00 – 2:30pm||4:00 – 4:30pm||11:00 – 11:30am|
|Wednesday, February 22nd||10:30 – 11:00am|
Interactive Phishing Game
Can you recognize a well-crafted phishing scam? Stop by our booth to test your knowledge with our game “Squish a Phish”.
Schedule a Meeting
If you would like to schedule a meeting with a member of the CynergisTek team, fill out the form below. We will then contact you in order to schedule the exact date and time for your meeting.