Today and Future Healthcare Information Security Threats
Dr. สุธี ทุวิรัตน์, CISA

Presentation transcript:

Agenda
Healthcare Information Security & Public Safety

Wireless Vulnerabilities
The Mail surveyed 12 hospitals in the South-East. In seven we were able to pick up wireless signals that could be easily accessed without a password. They were the London hospitals Guy's, St George's and St Mary's; Kent and Sussex Hospital, in Tunbridge Wells; St Helier Hospital, in Surrey; Wexham Park Hospital, in Berkshire; and Wycombe General Hospital, in High Wycombe.

Hacker breaches San Diego hospital
A San Diego medical center is warning patients that a hacker may have accessed their personal information.

Attack On A Liverpool Hospital
In 1994 a hacker hacked into a Liverpool hospital and changed the medical prescriptions for patients. A nine-year-old patient who was prescribed a highly toxic mixture survived only because a nurse decided to re-check his prescription. The hacker's stated motive was that he wanted to know what kind of chaos could be caused by penetrating the hospital computer.

Nurse-Hacker Alters Prescription
The judge found Rymer guilty and sentenced him to a year in jail. The hospital’s executive nurse said “tighter computer security” was implemented to ensure this did not happen again. (Nurse-hacker Alters Hospital Prescriptions, supra.)

Attack On Northwest Hospital in Seattle
Christopher Maxwell, a 20-year-old California hacker, was sentenced to 37 months in federal prison for creating a virus that jeopardized patients at Northwest Hospital in Seattle, damaged computers at U.S. military installations worldwide and affected thousands of others. Investigators have identified 441,000 computer systems hacked by Maxwell's robot virus, including 104 country domains, 276 ".net" domains, 128 ".com" domains, and 28 ".edu" domains.

Northwest Hospital was hit on Jan. 9, The hospital's surgical, patient financing, information management, diagnostic imaging and laboratory systems were affected. Operating room doors wouldn't open, doctors' pagers didn't work, and computers in the intensive-care unit shut down.

The hospital switched to its disaster plan, and used runners to move medical records and lab test results. Elective medical procedures had to be rescheduled. Luckily no patients were harmed.

Attack on Chicago Hospitals
June 14, 2007
James C. Brewer of Arlington, Texas, was indicted on charges of infecting more than 10,000 computers globally with a bot, including two Chicago-area hospitals operated by the Bureau of Health Services in Cook County, Ill. The computers at the two hospitals repeatedly froze or rebooted from October to December, resulting in delayed medical services. Brewer was released on a $4,500 bond.

Lasik Surgery
The U.S. Food and Drug Administration issued warning letters to 17 Lasik vision-correction ambulatory surgical centers after inadequate reporting systems were found during an inspection.

Identity Fraud Scam
An employee at Johns Hopkins Hospital in Baltimore may have intentionally leaked the personal information of more than 10,000 patients, according to Dark Reading. The hospital is offering credit monitoring and fraud resolution services, as well as US$30,000 in identity theft reimbursements to the 31 victims. It has also notified the other 10,000 patients whose records were in the database.

Implanted Medical Devices
At least 100,000 patients in the US have some sort of implanted device that reduces medical visits by sending information on a patient to a monitor that then sends the data to a doctor. These devices might be vulnerable to hackers. A team of researchers found that they were able to gain wireless control of a combination heart defibrillator and pacemaker.

Implanted Medical Devices
They could reprogram it to shut down, and to deliver jolts of electricity that would potentially be fatal. They also were able to gather personal patient data.

Hacker Attack Epilepsy Forum
Hacker used JavaScript and Flash animations

HVAC System Compromised by Hacker
McGraw's immediate actions could have allowed him to shut down the HVAC system at a Dallas building which contains the Carrell Clinic orthopedics facility and North Central Surgical Center. A loss of air-conditioning in the hot Texas weather could have threatened the safety of patients, staff members, and visitors. McGraw "did jeopardize [the HVAC] system," Colvin said. "It's frightening."