Healthcare Information Security Podcast

Interview with Cliff Baker of HITRUST Alliance For too many healthcare organizations, information security is about regulatory compliance - requirements and checklists. It's time for patients, privacy and true information security to be prioritized, says Cliff Baker, Chief Strategy Officer with the HITRUST Alliance. In an exclusive interview, Baker discusses: Key healthcare security issues and how HITRUST addresses them; Privacy and information security trends to track in 2010; How healthcare organizations can focus less on compliance, more on security. Baker specializes in information security, privacy and compliance for healthcare organizations. He has 15 years of experience with information security for healthcare organizations, including developing strategic plans for a number of global and national organizations, working on multi-year complex system implementations, and assisting organizations with board level risk management decisions. Baker has worked with leading providers, health plans, and pharmaceutical companies on a number of strategic, compliance and tactical solutions. In his current role as Chief Strategy Officer for HITRUST, he is collaborating with organizations to define the focus areas for HITRUST that deliver the most value and support for the adoption of consistent information security practices in healthcare. Prior to joining HITRUST, Cliff led PricewaterhouseCoopers' Healthcare-Provider Security and HIPAA practice. He is the author of a book on database security and several healthcare specific whitepapers, and he has presented in many privacy and security forums across the country. The Health Information Trust Alliance (HITRUST) is a private, independent company created to establish a common security framework that will allow for more effective and secure access, storage and exchange of personal health information. HITRUST is bringing together a broad array of healthcare organizations and stakeholders, who are united by the core belief that standardizing a higher level of security will build greater trust in the electronic flow of information through the healthcare system.

Social networking. Cyberbullying. Identity theft. There are myriad threats to children as they explore their online universe. And to counter these threats is Safe and Secure Online, a new interactive presentation that brings information security professionals into classrooms to give sound advice to 11-14-year-old children. Delivered by (ISC)2, Safe and Secure Online relies on material developed by former school teachers, but delivered by certified information security professionals. David Melnick of Deloitte and (ISC)2 discusses: The need for Safe and Secure Online; How the program will be delivered and measured; Ways businesses, government agencies and information security professionals can help. Melnick is a principal in security and privacy services within the audit and enterprise risk services practice in the Los Angeles office of Deloitte and brings more than 17 years of experience designing, developing, managing and auditing large scale secure technology infrastructure. Melnick has authored several technology books and is a frequent speaker on the topics of security and electronic commerce.

Social networking. Cyberbullying. Identity theft. There are myriad threats to children as they explore their online universe. And to counter these threats is Safe and Secure Online, a new interactive presentation that brings information security professionals into classrooms to give sound advice to 11-14-year-old children. Delivered by (ISC)2, Safe and Secure Online relies on material developed by former school teachers, but delivered by certified information security professionals. David Melnick of Deloitte and (ISC)2 discusses: The need for Safe and Secure Online; How the program will be delivered and measured; Ways businesses, government agencies and information security professionals can help. Melnick is a principal in security and privacy services within the audit and enterprise risk services practice in the Los Angeles office of Deloitte and brings more than 17 years of experience designing, developing, managing and auditing large scale secure technology infrastructure. Melnick has authored several technology books and is a frequent speaker on the topics of security and electronic commerce.

Social networking. Cyberbullying. Identity theft. There are myriad threats to children as they explore their online universe. And to counter these threats is Safe and Secure Online, a new interactive presentation that brings information security professionals into classrooms to give sound advice to 11-14-year-old children. Delivered by (ISC)2, Safe and Secure Online relies on material developed by former school teachers, but delivered by certified information security professionals. David Melnick of Deloitte and (ISC)2 discusses: The need for Safe and Secure Online; How the program will be delivered and measured; Ways businesses, government agencies and information security professionals can help. Melnick is a principal in security and privacy services within the audit and enterprise risk services practice in the Los Angeles office of Deloitte and brings more than 17 years of experience designing, developing, managing and auditing large scale secure technology infrastructure. Melnick has authored several technology books and is a frequent speaker on the topics of security and electronic commerce.

Interview with Myra Gray, Director, U.S. Army Biometrics Task Force Though fingerprint and iris scans have advantages over passwords and magnetic identity cards as a means to grant access to IT systems, in many instances, the biometric technologies aren't ready to be employed alone, says Myra Gray, director of the U.S. Army's Biometrics Task Force. "Actually, it's an outstanding method for good, strong identity assurance," Gray said in an interview with GovInfoSecurity.com. "But before we go throwing out passwords and usernames, I'd like to articulate that biometrics is one tool of many. It should be part of the portfolio that's used to protect against identity theft." Gray explained that three things exist to prove ones identity: What you know, such as a password; what you have, a magnetic card or token; and what you are - "something that's uniquely you" - an iris, a fingerprint "The power, it not just picking one over other, but setting up a construct that utilizes all of those as appropriate" Gray said. "You probably don't need all three of those to buy coffee at the 7-Eleven. but if you were to get into a super-secure facility somewhere, you may very well want to substantiate a methodology to getting into that facility that utilize all three of those methods: What you are, what you have and what you know." In the interview, with GovInfoSecurity.com Managing Editor Eric Chabrow, Gray discusses the: Mission of the Biometrics Task Force, charged with coordinating biometrics use and development throughout the military; Biometric technologies employed on the battlefield and to combat cyber terrorism; and Synergies between biometrics used by U.S. fighting forces and those to secure government IT assets. The Biometrics Task Forces leads Department of Defense activities to program, integrate, and synchronize biometric technologies and capabilities and to operate and maintain DoD's authoritative biometric database to support the national security strategy. Gray, who has headed the task force since July 2007, also serves as executive manager of DoD biometrics. She joined the Defense Department 24 years ago as a Naval mathematician, rising through the ranks, with her last position as assistant secretary of the Army for acquisition, logistics and technology in the Future Force Integration Office. She holds a doctorate in research and engineering management from Southeastern Institute of Technology in Huntsville, Ala. � � � GovInfoSecurity.com last month interviewed Lisa Swan, deputy director of the Biometrics Task Force. Click here to listen to Biometrics: From Kabul to Washington, the podcast interview with Swan.

Interview with Myra Gray, Director, U.S. Army Biometrics Task Force Though fingerprint and iris scans have advantages over passwords and magnetic identity cards as a means to grant access to IT systems, in many instances, the biometric technologies aren't ready to be employed alone, says Myra Gray, director of the U.S. Army's Biometrics Task Force. "Actually, it's an outstanding method for good, strong identity assurance," Gray said in an interview with GovInfoSecurity.com. "But before we go throwing out passwords and usernames, I'd like to articulate that biometrics is one tool of many. It should be part of the portfolio that's used to protect against identity theft." Gray explained that three things exist to prove ones identity: What you know, such as a password; what you have, a magnetic card or token; and what you are - "something that's uniquely you" - an iris, a fingerprint "The power, it not just picking one over other, but setting up a construct that utilizes all of those as appropriate" Gray said. "You probably don't need all three of those to buy coffee at the 7-Eleven. but if you were to get into a super-secure facility somewhere, you may very well want to substantiate a methodology to getting into that facility that utilize all three of those methods: What you are, what you have and what you know." In the interview, with GovInfoSecurity.com Managing Editor Eric Chabrow, Gray discusses the: Mission of the Biometrics Task Force, charged with coordinating biometrics use and development throughout the military; Biometric technologies employed on the battlefield and to combat cyber terrorism; and Synergies between biometrics used by U.S. fighting forces and those to secure government IT assets. The Biometrics Task Forces leads Department of Defense activities to program, integrate, and synchronize biometric technologies and capabilities and to operate and maintain DoD's authoritative biometric database to support the national security strategy. Gray, who has headed the task force since July 2007, also serves as executive manager of DoD biometrics. She joined the Defense Department 24 years ago as a Naval mathematician, rising through the ranks, with her last position as assistant secretary of the Army for acquisition, logistics and technology in the Future Force Integration Office. She holds a doctorate in research and engineering management from Southeastern Institute of Technology in Huntsville, Ala. � � � GovInfoSecurity.com last month interviewed Lisa Swan, deputy director of the Biometrics Task Force. Click here to listen to Biometrics: From Kabul to Washington, the podcast interview with Swan.

Interview with Myra Gray, Director, U.S. Army Biometrics Task Force Though fingerprint and iris scans have advantages over passwords and magnetic identity cards as a means to grant access to IT systems, in many instances, the biometric technologies aren't ready to be employed alone, says Myra Gray, director of the U.S. Army's Biometrics Task Force. "Actually, it's an outstanding method for good, strong identity assurance," Gray said in an interview with GovInfoSecurity.com. "But before we go throwing out passwords and usernames, I'd like to articulate that biometrics is one tool of many. It should be part of the portfolio that's used to protect against identity theft." Gray explained that three things exist to prove ones identity: What you know, such as a password; what you have, a magnetic card or token; and what you are - "something that's uniquely you" - an iris, a fingerprint "The power, it not just picking one over other, but setting up a construct that utilizes all of those as appropriate" Gray said. "You probably don't need all three of those to buy coffee at the 7-Eleven. but if you were to get into a super-secure facility somewhere, you may very well want to substantiate a methodology to getting into that facility that utilize all three of those methods: What you are, what you have and what you know." In the interview, with GovInfoSecurity.com Managing Editor Eric Chabrow, Gray discusses the: Mission of the Biometrics Task Force, charged with coordinating biometrics use and development throughout the military; Biometric technologies employed on the battlefield and to combat cyber terrorism; and Synergies between biometrics used by U.S. fighting forces and those to secure government IT assets. The Biometrics Task Forces leads Department of Defense activities to program, integrate, and synchronize biometric technologies and capabilities and to operate and maintain DoD's authoritative biometric database to support the national security strategy. Gray, who has headed the task force since July 2007, also serves as executive manager of DoD biometrics. She joined the Defense Department 24 years ago as a Naval mathematician, rising through the ranks, with her last position as assistant secretary of the Army for acquisition, logistics and technology in the Future Force Integration Office. She holds a doctorate in research and engineering management from Southeastern Institute of Technology in Huntsville, Ala. � � � GovInfoSecurity.com last month interviewed Lisa Swan, deputy director of the Biometrics Task Force. Click here to listen to Biometrics: From Kabul to Washington, the podcast interview with Swan.

Many people are now considering healthcare for the first time. Dr. Robert Mandel has dedicated his entire career to the field. Now senior VP of health care services for BlueCross BlueShield of Tennessee, Mandel takes time to discuss: His organization's healthcare and privacy concerns; Healthcare trends he's tracking; The issues that matter most to him in the ongoing healthcare discussion. Mandel is responsible for overall clinical strategy, transformative medical management delivery, clinical network operations, strategic medical policy positioning, and clinical operational success of the company's commercial business and established markets unit. Prior to joining BlueCross in October 2008, Mandel served as vice president of health care services for BlueCross BlueShield of Massachusetts. He has more than 11 years of senior leadership experience in health systems and health plan management.

Many people are now considering healthcare for the first time. Dr. Robert Mandel has dedicated his entire career to the field. Now senior VP of health care services for BlueCross BlueShield of Tennessee, Mandel takes time to discuss: His organization's healthcare and privacy concerns; Healthcare trends he's tracking; The issues that matter most to him in the ongoing healthcare discussion. Mandel is responsible for overall clinical strategy, transformative medical management delivery, clinical network operations, strategic medical policy positioning, and clinical operational success of the company's commercial business and established markets unit. Prior to joining BlueCross in October 2008, Mandel served as vice president of health care services for BlueCross BlueShield of Massachusetts. He has more than 11 years of senior leadership experience in health systems and health plan management.

Many people are now considering healthcare for the first time. Dr. Robert Mandel has dedicated his entire career to the field. Now senior VP of health care services for BlueCross BlueShield of Tennessee, Mandel takes time to discuss: His organization's healthcare and privacy concerns; Healthcare trends he's tracking; The issues that matter most to him in the ongoing healthcare discussion. Mandel is responsible for overall clinical strategy, transformative medical management delivery, clinical network operations, strategic medical policy positioning, and clinical operational success of the company's commercial business and established markets unit. Prior to joining BlueCross in October 2008, Mandel served as vice president of health care services for BlueCross BlueShield of Massachusetts. He has more than 11 years of senior leadership experience in health systems and health plan management.

Interview with Lisa SwanDeputy DirectorBiometrics Task Force, U.S. Army American combat forces deployed in Afghanistan and Iraq employ biometrics to tell our friends from insurgents and terrorists. Back home, the Defense Department uses similar fingerprint, iris and facial recognition tools to manage access to military bases and IT systems. Coordinating Defense Department efforts to find new uses of biometrics on the battlefield and back home is the Army's Biometrics Task Force, which leads Defense Department efforts to program, integrate and synchronize biometric technologies and capabilities. The task force also operates DoD's biometrics database that supports the nation's security strategy. In an interview with GovInfoSecurity.com's Eric Chabrow, Deputy Director Lisa Swan discusses the: Synergy between the use of biometrics in combat and in the office; Best situations to employ biometrics as a tool to authentic user access to IT systems; and Evolution of biometrics as an authentication tool and where new research may pay off. Swan began her government service 20 years ago. Prior to her current assignment, she served as director of the task force's Biometrics Integration Directorate, overseeing the integration, coordination, and synchronization of biometric technologies and capabilities across the Department of Defense. She holds a BS in material engineering from North Carolina State University and two MS degrees, one in systems engineering from Virginia Tech and the other in national resource management from the National Defense University.

Interview with Lisa SwanDeputy DirectorBiometrics Task Force, U.S. Army American combat forces deployed in Afghanistan and Iraq employ biometrics to tell our friends from insurgents and terrorists. Back home, the Defense Department uses similar fingerprint, iris and facial recognition tools to manage access to military bases and IT systems. Coordinating Defense Department efforts to find new uses of biometrics on the battlefield and back home is the Army's Biometrics Task Force, which leads Defense Department efforts to program, integrate and synchronize biometric technologies and capabilities. The task force also operates DoD's biometrics database that supports the nation's security strategy. In an interview with GovInfoSecurity.com's Eric Chabrow, Deputy Director Lisa Swan discusses the: Synergy between the use of biometrics in combat and in the office; Best situations to employ biometrics as a tool to authentic user access to IT systems; and Evolution of biometrics as an authentication tool and where new research may pay off. Swan began her government service 20 years ago. Prior to her current assignment, she served as director of the task force's Biometrics Integration Directorate, overseeing the integration, coordination, and synchronization of biometric technologies and capabilities across the Department of Defense. She holds a BS in material engineering from North Carolina State University and two MS degrees, one in systems engineering from Virginia Tech and the other in national resource management from the National Defense University.

Interview with Lisa SwanDeputy DirectorBiometrics Task Force, U.S. Army American combat forces deployed in Afghanistan and Iraq employ biometrics to tell our friends from insurgents and terrorists. Back home, the Defense Department uses similar fingerprint, iris and facial recognition tools to manage access to military bases and IT systems. Coordinating Defense Department efforts to find new uses of biometrics on the battlefield and back home is the Army's Biometrics Task Force, which leads Defense Department efforts to program, integrate and synchronize biometric technologies and capabilities. The task force also operates DoD's biometrics database that supports the nation's security strategy. In an interview with GovInfoSecurity.com's Eric Chabrow, Deputy Director Lisa Swan discusses the: Synergy between the use of biometrics in combat and in the office; Best situations to employ biometrics as a tool to authentic user access to IT systems; and Evolution of biometrics as an authentication tool and where new research may pay off. Swan began her government service 20 years ago. Prior to her current assignment, she served as director of the task force's Biometrics Integration Directorate, overseeing the integration, coordination, and synchronization of biometric technologies and capabilities across the Department of Defense. She holds a BS in material engineering from North Carolina State University and two MS degrees, one in systems engineering from Virginia Tech and the other in national resource management from the National Defense University.

Healthcare and privacy - they have emerged as two huge topics in 2009, and Nick Mankovich of Philips Healthcare blends both of them into his career. Director of Product Security & Privacy, Mankovich discusses: His customers' main privacy and medical device security concerns - and how they are being addressed; Trends he's tracking in privacy and security; Regulations, threats and topics such as medical ID theft that need more attention in the national healthcare dialogue. Mankovich leads the worldwide Philips Healthcare programs both Product Security and Privacy. Each program organizes a team of subject matter experts that (1) address policies, requirements, and issues around security-designed-in products and services and (2) directs all elements of privacy compliance in the Philips Healthcare business. Prior to his seven years in Philips Healthcare, he spent seven years as a research department head with Philips Research, where he led groups working on advanced projects in medical informatics, security/cryptography/privacy, digital video content management, digital rights management, and interactive digital television. This corporate work was preceded by 15 years in medical imaging including hospital management positions in medical informatics, radiological engineering, and academic appointments in Biomedical Engineering at the University of Iowa, in Radiological Sciences at the UCLA School of Medicine and in Computer Science at the University of New South Wales in Sydney Australia.

Healthcare and privacy - they have emerged as two huge topics in 2009, and Nick Mankovich of Philips Healthcare blends both of them into his career. Director of Product Security & Privacy, Mankovich discusses: His customers' main privacy and medical device security concerns - and how they are being addressed; Trends he's tracking in privacy and security; Regulations, threats and topics such as medical ID theft that need more attention in the national healthcare dialogue. Mankovich leads the worldwide Philips Healthcare programs both Product Security and Privacy. Each program organizes a team of subject matter experts that (1) address policies, requirements, and issues around security-designed-in products and services and (2) directs all elements of privacy compliance in the Philips Healthcare business. Prior to his seven years in Philips Healthcare, he spent seven years as a research department head with Philips Research, where he led groups working on advanced projects in medical informatics, security/cryptography/privacy, digital video content management, digital rights management, and interactive digital television. This corporate work was preceded by 15 years in medical imaging including hospital management positions in medical informatics, radiological engineering, and academic appointments in Biomedical Engineering at the University of Iowa, in Radiological Sciences at the UCLA School of Medicine and in Computer Science at the University of New South Wales in Sydney Australia.