Presentation is loading. Please wait.

Presentation is loading. Please wait.

General Session/ Presentation: “Cross Training: Security Best Practices from Other Industries”.

Published byEdmund Campbell Modified over 9 years ago

Similar presentations

Presentation on theme: "General Session/ Presentation: “Cross Training: Security Best Practices from Other Industries”."— Presentation transcript:

1 General Session/ Presentation: “Cross Training: Security Best Practices from Other Industries”.

2 Mick Talley: Mick Talley: The Financial Services Perspective. The Financial Services Perspective. Chair: HIMSS Security & Privacy Chair: HIMSS Security & Privacy Task Force. Task Force. Recently completed whitepaper on “Crafting Healthcare Identify Management on Industry Best Practices”. “Crafting Healthcare Identify Management on Industry Best Practices”.

3 “Lessons from Financial Services” -- Begin with point of view that “the providers, insurance companies, and the banks have an equal interest in validating that the individual is “who they say they are.” -- Goal: Accurate identification of an individual and the linking of all that individual’s related health information within and across healthcare and financial institutions.

4 ONC Final Report ONC Final Report Feb. 7, 2014 “Patient Feb. 7, 2014 “Patient Identification and Matching” Identification and Matching” Basic Principles: --Patient safety and quality of care. --Improvement should reflect a real world impact on the workflow of clinical impact on the workflow of clinical and administrative personnel. and administrative personnel. --Improvements should be multi-faceted and incremental with no single solution and incremental with no single solution or step which is final. or step which is final.

5 ONC Final Report: ONC Final Report: Feb. 7, 2014. Feb. 7, 2014. --Improvements should apply to all sizes And types of provider settings, with a broad set of use cases, involving multiple stakeholders across networks of multiple IT platforms. --We need to test and validate the use of authentication technologies and increase the comfort level of diverse stakeholders across networks. --HIMSS Task Force Conclusion. (July 2014) --HIMSS Task Force Conclusion. (July 2014)

6 Five Authentication Five Authentication Processes deployed by financial institutions: 1.) Something you know, you have, your are. 2.) Pre-shared secret, such as User ID & password, with PIN. 3.) Asymmetric cryptographic key pairs, one private and one public. 4.) One-time passwords. 5.) Bio-metric combined for two-factor authentication for NIST 800-63, Level 3 of assurance.

7 Task Force Recommendation: “The healthcare industry might best be served by conducting a set of pilots of each of the five processes that include a method of monitoring the success of each against a common criteria”. --HIMSS Task Force for Security & Privacy, July 2014.

8 Mick Talley Southeast Michigan Health Information Exchange. (SEMHIE) mtalley@university-bank.com

Download ppt "General Session/ Presentation: “Cross Training: Security Best Practices from Other Industries”."

Similar presentations

Integrated Healthcare Management system. Standards based design. [ Supports HXP (Health Exchange Protocol) a standard in exchanging health care data ]

Integrated Healthcare Management system. Standards based design. [ Supports HXP (Health Exchange Protocol) a standard in exchanging health care data ]
Copyright © Healthcare Quality Quest, 2013. Proposed standards for a national clinical audit — How we got involved and what we have learned.

Copyright © Healthcare Quality Quest, Proposed standards for a national clinical audit — How we got involved and what we have learned.
Virtual Clipboard Pilot. Sullivan Institute / MGMA Meeting Dec. 9 Held in Wash DC at BCBSA WEDI Health ID Card + ONC Blue Button = Patient In-take Process.

Virtual Clipboard Pilot. Sullivan Institute / MGMA Meeting Dec. 9 Held in Wash DC at BCBSA WEDI Health ID Card + ONC Blue Button = Patient In-take Process.
HIMSS/GSA E-Authentication Initiative A Pilot Project of the HIMSS RHIO Federation HIMSS Public Policy Forum September 28, 2006 Mary Grizkewicz, HIMSS.

HIMSS/GSA E-Authentication Initiative A Pilot Project of the HIMSS RHIO Federation HIMSS Public Policy Forum September 28, 2006 Mary Grizkewicz, HIMSS.
SETECS MIX – ® ™ Secure Medical Information Exchange System ® ™ SETECS MIX Secure Medical Information Exchange System Demonstration of System Components.

SETECS MIX – ® ™ Secure Medical Information Exchange System ® ™ SETECS MIX Secure Medical Information Exchange System Demonstration of System Components.
15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.

15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.
ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.
Delivering the right data to the right person at the right time Improving services to patients with long- term conditions Professor Michael Thick Chief.

Delivering the right data to the right person at the right time Improving services to patients with long- term conditions Professor Michael Thick Chief.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair Certificate Authority- Provider Authentication Recommendations.

HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair Certificate Authority- Provider Authentication Recommendations.
DICOM and Integrating the Healthcare Enterprise: Five years of cooperation and mutual influence Charles Parisot Chair, NEMA Committee for advancement of.

DICOM and Integrating the Healthcare Enterprise: Five years of cooperation and mutual influence Charles Parisot Chair, NEMA Committee for advancement of.
Case Study: Password Authentication in eHealth Applications

Case Study: Password Authentication in eHealth Applications
Update on Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March.

Update on Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March.
1 Promoting Safe Medicine With Track and Trace Systems SRC Technologies, Inc.

1 Promoting Safe Medicine With Track and Trace Systems SRC Technologies, Inc.
User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.

User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.
Privacy and Security Workgroup: Big Data Public Hearing December 8, 2014 Deven McGraw, chair Stan Crosley, co-chair.

Privacy and Security Workgroup: Big Data Public Hearing December 8, 2014 Deven McGraw, chair Stan Crosley, co-chair.
The Office of Information Technology Two-Factor Authentication.

The Office of Information Technology Two-Factor Authentication.
Enhancing Information Systems Security Through Biometrics October 2004 Security Strategy for a Biometrics Deployment Catherine Allan, M.A., CISSP, CD Allan.

Enhancing Information Systems Security Through Biometrics October 2004 Security Strategy for a Biometrics Deployment Catherine Allan, M.A., CISSP, CD Allan.
Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutions Enabling Security, Efficiency and Collaboration through Technology.

Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutions Enabling Security, Efficiency and Collaboration through Technology.
Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.

Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.
Privacy and Security Tiger Team Meeting Discussion Materials Today’s Topic Recommendations on Trusted Identities for Providers in Cyberspace August 20,

Privacy and Security Tiger Team Meeting Discussion Materials Today’s Topic Recommendations on Trusted Identities for Providers in Cyberspace August 20,

Similar presentations

Ads by Google