Recording

Cybersecurity: Emerging Threats to Hospitals
Understanding the risks and what you can do to avoid an attack

Overview

Cyberattacks are on the rise and hospitals are being targeted. Worldwide, the number of cyberattacks increased 40 percent and, in 2015, criminal attacks became the number one root cause of data breaches in health care.

What can you do to protect your hospital against an attack? What would you do if suddenly your computer systems shut down and patient records were encrypted?

Hear how one California hospital responded to and recovered from a ransomware attack, including the return to paper records. Find out what law enforcement and regulatory agencies were involved in the event and how drilling for a disaster helped the hospital’s response and recovery.

Learn what the FBI and other government agencies are doing to protect the nation — and hospitals in particular — from cyberattacks. Identify critical strategies you can implement now to protect your hospital from cyberattacks, as well as steps to take if you become a victim.

Gather key hospital staff and listen to this informative webinar.

Recommended for:

Chief executive officers, chief operating officers, chief financial officers, chief information officers, chief medical officers, in-house legal counsel, risk managers, compliance officers, emergency preparedness coordinators

Agenda

Hit by Ransomware: The Hollywood Presbyterian Experience

  • How the event unfolded
  • Impact on the system, patient care and hospital operations — a return to the ‘70s and paper records
  • Regulatory reviews by CDPH, CMS and the California Board of Pharmacy
  • Recovery
  • Lessons learned — the good, the bad and the ugly

Cybersecurity: An Emerging Threat

  • Cybersecurity as a national and FBI priority
  • Why is this happening? Who are the hackers and what are they after?
  • Ransomware – your money or your data

How to Mitigate Risks for Your Hospital

  • What to do to prevent an attack; essentials precautions
  • Vulnerabilities – how do they get into your system?
  • Pre-breach advice

What to Do if You Suspect an Attack

  • Who do you call? The role of the FBI, DOJ, DHS, local law enforcement and other agencies/partnerships
  • What to expect when the FBI arrives
  • Incident handling
  • Post-breach activities

The Link to Emergency Preparedness and Concluding Comments

  • Drilling, and working with staff and key partners
  • Activating the Hospital Incident Command System
  • Business continuity

Faculty

Steve Giles is the chief information officer for Hollywood Presbyterian Medical Center where he focuses on enhancing the hospital’s information systems to improve patient care delivery and overall business operations. He has more than 30 years of health care information technology experience and has served in a number of executive positions throughout his extensive career. Mr. Giles is a member of several professional associations, including ACHE, HIMSS and HFMA, and often serves as a guest lecturer at the University of Southern California’s Graduate School of Public Health.

Tom Osborne is assistant special agent in charge for the Federal Bureau of Investigation’s (FBI) National Security Branch. In this role, he oversees international and domestic terrorism programs, as well as counterintelligence and cyber programs. A 20-year veteran, Mr. Osborne previously worked with the FBI’s Computer Crimes Squad and the Sacramento Division’s Cyber Crimes Program, and served as Unit Chief of the Counterterrorism Internet Target Unit, where he led a team that managed investigations targeting terrorists’ use of the Internet.

Deron McElroy is the Department of Homeland Security’s (DHS) Cyber Security Advisor for California, Nevada, Arizona, Hawaii and the Pacific Territories, where he is focused on building partnerships to enhance our nation’s cyber resilience. Mr. McElroy helps organizations navigate and access the Critical Infrastructure Cyber Community (C³) Voluntary Program and NIST Cybersecurity Framework. He previously served as Senior Strategist for the DHS Office of Cybersecurity and Communications, leading the creation and development of the nation’s cyber incident response policy, playing a key role in the stand-up of the National Cybersecurity and Communications Integration Center, and participating in information sharing policy development.

CHA Staff
Cheri Hummel, Vice President, Emergency Management & Facilities
Lois Richardson, Esq., Vice President, Privacy & Legal Publications/Education

Resources

CHA is maintaining a web page to help members remain up-to-date on the latest in cybersecurity news and developments. A number of helpful resources, including the newly-developed Health Care Cybersecurity at a Glance document, are available to assist hospitals with managing an effective cybersecurity program. To learn more, visit www.calhospital.org/cybersecurity.

Commands