Healthcare data breaches and regulatory mandates have combined to create a new standard for data security that relies heavily on system and user activity awareness. To be compliant and avoid costly breaches, organizations must to improve their ability to predict and see in near real time where incidents are likely to occur, then proactively address them to avoid risk.
Join us for this exclusive session, where you will learn:
Why system and user activity awareness is so critical to avoiding risk;
How to unlock the intelligence captured in your enterprise that's key to creating awareness and mitigating risk;
How to assess your organization's readiness to deploy or optimize leading-edge technology solutions.
In 2010 there were 18 major breaches, potential compromise of more than 500 individual records containing unprotected patient health information, reported monthly to the Office of Civil Rights (OCR). To be exact 214 total notifications were made in 2010. As bad as this sounds it was probably nowhere near the real number. Why? Because most organizations still do not have the level of system or data awareness needed to even know when unauthorized access or disclosure is occurring. This does not even address the higher number of smaller compromises that occur every day in most healthcare organizations. The take away from this ought to be validation that the old practices of relying on barriers to keep the bad guys out and data secure are not sufficient anymore.
In addition the regulatory landscape continues to have new privacy and security requirements introduced making compliance all the more challenging. It's not simply HIPAA anymore. Now its HIPAA, HITECH, PCI, FRCP, Red Flags, State laws, business partner requirements, etc. It ought to be obvious, once again, that there is an emerging standard of care in healthcare for data security that requires a more precise level of informational awareness.
Such awareness is enabled by harnessing the intelligence waiting in the log information within the enterprise. But simply collecting the logs and reviewing them reactively, or even periodically, is not enough. Healthcare today needs the right tools and technologies to automate the collection, analysis and reporting, but more importantly the need to be able to correlate multiple log inputs from myriad sources to create a more accurate picture of exactly what happened, who was involved, and the status of the information or system involved.
In this exclusive session, healthcare organizations will learn about:
Why system and data security awareness is so important and what makes it difficult in healthcare today;
Basic log management functions and why automation is necessary and critical;
Whats involved in user activity monitoring and what makes this a challenge in healthcare;
What is SIEM, how it enables proactive or near real time security and compliance, and why its such a powerful tool for transforming user behavior.
McMillan is co-founder and CEO of CynergisTek Inc., a firm specializing in information security and regulatory compliance. He has more than 30 years of federal and private sector experience in managing and delivering information security services and is chair of the HIMSS Privacy and Security Steering Committee.
Senior Solutions Marketing Manager, Novell
Brian Singer is the Senior Solutions Marketing Manager for Security Management at Novell. Brian is primarily responsible for leading the development and marketing of SIEM and Log Management solutions at Novell. Prior to joining Novell, Brian received an MBA from the MIT Sloan School of Management and worked at QLogic Corporation, developing networking hardware. Brian has a B.S. in computer engineering from Brown University.