Breaches have breached alarming levels in impact and frequency, with the average total cost of a data breach in 2014 estimated at $5.9 million, or $316 per patient record. Cybercrime in healthcare is growing, with the black market value of health records estimated in 2014 at 10-20x that of a credit card alone. Healthcare workers are empowered with more information power tools now than ever before, from smart devices, to apps, social media, wearables, Internet of Things and so on. These promise great benefits to patient care, but also bringing hidden risks. Never has security and privacy been more critical. In this session we highlight 2014 HIMSS Analytics research showing that if usability is lacking it can drive workarounds, non-compliance and risk. Historically usability has been viewed as the opposite of security. We will show several examples of where effective security combines usability and strong security, enabling great patient care, while minimizing risks of security incidents and breaches.

Key take-aways:

1. Latest research on healthcare breaches, and cybercrime
2. The relationship between usability, security, non-compliance and risk
3. Practical strategies for effective security that combines great usability with strong security

David Houlding MSc, CISSP, CIPP

David Houlding is the Healthcare Privacy and Security Lead at Intel Health and Life Sciences, with more than 20 years of experience in healthcare, privacy and security, and enterprise architecture. His responsibilities include privacy and security leadership for the healthcare and life science industry globally. In this role David leads healthcare security and privacy research through to defining strategy, roadmaps, reference architectures, solution incubation, prototypes, pilots, and sales and marketing field support for the Health and Life Sciences (HLS) sector. This involves extensive engagement with key healthcare customers and partners, providing guidance on best practices to manage risk and how technologies can help in a holistic approach, and catalyzing new opportunities for Intel and partners to add value in the HLS sector. Extensive thought leadership through industry collaborations, publication, social media, and public speaking. David has also held other positions at Intel including Senior Privacy and Security Researcher at Intel Labs. Prior David was the Chief Architect of Perot Systems Healthcare Payer Systems.

With several patents granted by the USPTO, David has a proven track record for innovation. David is a CISSP (Certified Information Systems Security Professional), a CIPP (Certified Information Privacy Professional), and has a Master of Applied Science in Data Compression and Digital Signal Processing from Simon Fraser University, British Columbia, Canada. David has presented keynotes and sessions, and participated in panel discussions at numerous major industry conferences including IAPP Privacy Academy, Privacy Identity Innovation, HIMSS, mHealth Summit, Strata Rx, HealthTech NextGeneration, InfoSec, NIST HIPAA Security Conference, iHT2 Health IT Summit, NIST Security Automation Conference, Enterprise Architecture Practitioners Conferences, Innovation Insights, and several other conferences. He has published and contributed to numerous articles in major trade journals including Privacy Advisor, VentureBeat, Healthcare Info Security, Healthcare Technology Online and Dr. Dobb’s Journal. David has also made contributions to book publications including XML Unleashed, and has been interviewed for newspaper and other articles.