Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations
Grant County Bar Association, June 14, 2011
Kim J. Brand, President / Founder

Presentation transcript:

1. Threats vs Risks

The ‘Bad’ things that can happen. vs. How much does it cost?

1. Threats vs Risks
2. Acts of God, Acts of Violence, Acts of Stupidity
3. Defenses: Backups, Systems, Policies, Training, Audits

4. The ‘Backup’ Goals
- Recovery Point Objective - RPO
- Recovery Time Objective - RTO
- Saving the right stuff
- Keeping backups safe
Balance...
- Peace of mind
- Responsibility
- Economy

Viruses, Trojans and Malware – Oh my!

5. Where is your data?

- Office? PC, Server, Copier
- Laptop?
- Mobile device?
- Cloud?

6. Security vs Safety…

Intentional Acts vs. Unintentional Acts

6. Security and Safety…
- Passwords?
- Encryption? At rest, In transit
- Wireless Access
- Retention Policies?
- Remote Access?

6. Security and Safety…
Recommended password policies:
- 8+ characters
- Letters & Numbers
- Mixed case: A-Z, a-z
- Special characters:
- Changed 4x year
- No repeats for 1+ year
Security ‘tokens’

Why is Backup hard?
- Lots more stuff in more places
- Different threats – different defenses
- Backup software is complicated
- Backup media is a security risk
- Bad organization habits
- Restore is needed infrequently;... practice is risky!
Remember: Backup is boring, Restore is EXCITING!

A special case: Laptops
- 65% of PCs sold last year were laptops
- 1:10 Lost or stolen
- Confidential information on the loose
- Difficult to sync with office servers
- Portable = Abused (dropped, kicked)
- No user serviceable parts inside
- Security policies difficult to enforce

Backup System Elements...
- Automated
- Regular (daily, weekly, continuous?)
- Tested: Right Stuff, Valid, Monitored
- Accessible: Offsite vs Onsite, Credentials, Encryption Keys
- Granular: Ability to recover a single file
- Portable: Software, Hardware, Skills
- Someone MUST CARE!

A “Simple System”... doesn't exist!
- Consider data size, type & location: Docs, Databases, , PCs, Laptops, Servers, Smartphones, ‘Open Files’
- Backup generations & retention issues
- Compliance & discovery issues
- Media life & custody
- Offsite: Cost & confidentiality issues
- Documentation & Support
- Test, Train, Review, Repeat

Disaster Recovery
Must be able to duplicate the “Value Stack”:
- Hardware
- OS & Updates (Licenses)
- Configuration: Users, Groups, etc.
- Software & Services (Licenses)
- Data
Disaster Recovery is not Backup!

Let's Review
The Goals
- RPO
- RTO
- Right Stuff
- Safe & Secure
- Value Stack
Balance
- Economy
- Responsibility
- Peace of Mind

Kim recommends:
► Image hard drives: Symantec, Acronis, Comodo
► Offsite storage: Mozy, SugarSync, FileSafe!
► Written policies: P/W, retention, backup, Internet
► De-Crapify: Current, Archive, Media, , etc.
► Encrypt laptop hard drives: WinMagic, TrueCrypt
► Document: P/W, providers, licenses, network, etc.
► Update versions: OS, AV, Browser, Software
► Malwarebytes, OpenDNS, LastPass, LoJack
Visit: ILTSO.ORG

Pop Quiz! 5 – 4 – 3 – 2 – 1

Quiz questions: What are the five levels of the Value Stack?
- Hardware
- OS & Updates (Licenses)
- Configuration: Users, Groups, etc.
- Software & Services (Licenses)
- Data

Quiz questions: Four simple questions to ask to perform your own backup audit.
1. What programs do you use?
2. Where does that program store its data?
3. When/Where does that data get backed up?
4. If you discovered missing or corrupted data, what would you do?

Quiz questions: The 'Three Threats' data safety model
1. Acts of God
2. Acts of Violence
3. Acts of Stupidity

Quiz questions: The difference between ‘Safety’ and ‘Security’?
- Safety regards unintentional acts
- Security regards intentional acts

Quiz questions: The one Most Important Thing you can do to keep your data safe:
Put Someone in charge of Data Safety & Security!

These slides and other resources are available online at: Thank You!