Healthcare & Med Device

MONDAY, OCTOBER 26, 2020

The Healthcare & Med Device event is included in the VIP All-Access Pass, or can be purchased as a special half-day session ticket.   

The Cyber Security Healthcare and Med Device half-day event from 12:00 – 4:00 p.m. brings healthcare providers and medical device manufacturers together with security experts and others to advance medical device safety and security. Participants include healthcare delivery organizations, device-makers, regulatory agencies, risk managers, insurers, security experts and more.

Ticket also includes option to attend two Monday morning technical sessions.

Following the seminar, explore resources from our solution strategy providers and establish new professional relationships during the Virtual EXPO Hall Opening from 3:30 – 5:00 p.m.

Agenda

12:00 – 12:30 PM
Prioritizing Security Efforts – How to Get Out of Fire Drill Mode
Security debt, the byproduct of market incentives, creates risk for healthcare stakeholders. Unfortunately, the resulting risk does not necessarily change active market incentives. As a result, there is a series of cascading failures in the development, regulation, and maintenance of healthcare technology. Therefore, to make a significant impact on the security posture of healthcare and medical devices in particular, a system of policy and technological solutions must: align with active market incentives, enhance the effect of latent market incentives, or create new market incentives. This session explores potential solutions.

Key Learnings:


Who Should Attend?:

Whether you are a seasoned executive or a new security engineer to healthcare, this session will be relevant to you!

Speaker: Seth Carmody, Vice President of Regulatory Strategy, MedCrypt

Session supported by:


1:00 – 1:30 PM
Vulnerabilities Around Patient Monitoring Systems (GE Carescape)
Session examines the identification and actions taken by a healthcare IT security organization to mitigate vulnerabilities associated with a published healthcare IoT vulnerability (i.e. GE CARESCAPE). GE CARESCAPE collects patient physiological data and waveforms, together with demographic data, at the patient-side in real-time and collects that data over a shared network.

Key Learnings:

  • Healthcare IoT
  • Connected Devices
  • Device Security
  • Vendor Risk Management
  • Clinical Engineering/Biomedical Engineering

Who Should Attend?

  • CISOs
  • IT Healthcare Management
  • IT Security Management
  • IT Security Consultants and Engineers
  • Information Assurance Analysts
  • Clinical Engineering / Biomedical Engineering

Speaker: Dave Harvey, Manager of IT Security GRC and Interim IT Security IR Manager, Fairview Health Services


1:30 – 2:00 PM
How to Understand and Use Medical Device Utilization Information for Decision Making
Understanding what network devices you have and how those devices are being used can seem like a tremendous undertaking. In this session, we will discuss how Ordr has helped organizations understand their real-time inventory and device utilization. Ordr has worked with some of the largest medical providers today to reduce downtime and improve ROI. Big or small Ordr has worked with them, and we have found the problem areas are to be similar for all Health Delivery Organizations. In this session, we will look at the key use cases Ordr has seen with our clients to; discuss the visibility and insights they need to make educated capital purchases; tips and tricks to better and more efficiently manage their fleet; strategies to manage vulnerable medical systems, and insights into driving efficiency and capital savings with their medical devices.

Key Learnings:


Speaker: Darrell Kesti, Regional Sales Manager, Ordr Inc.

Session supported by:


2:30 – 3:00 PM
Threat Modeling


3:00 – 3:30 PM
Securing Telemedicine in a Post-COVID World

Telemedicine is here to stay, even in a post-COVID world. It improves outcomes by reaching more people, faster, and with greater efficiency than traditional office visits. It benefits underserved communities, the aged, and the immobile. Plus, it makes healthcare in general more resilient to future pandemics or natural disasters.

Telemedicine has its risks, though. Widespread adoption could disrupt the entire system, forcing major changes in financial models and public policy. And cybersecurity and privacy concerns are sure to grow alongside it. Hackers feast on everything from teleconferencing apps, wireless networks, personal devices, remote monitoring technologies, protected health information and the platforms that maintain it. And there’s no shortage of laws and compliance mandates to consider.

Key Learnings:


Speaker: Steve Caimi, Caimi, Cybersecurity Specialist, Cisco Systems


3:30 – 4:00 PM
Things to Think About When Preparing a Product Submission for Regulatory Review

The medical device cybersecurity ecosystem is dynamically changing for all stakeholders. As a result, the expectations from regulatory bodies around the world are evolving rapidly. In this session, the speaker will cover 5 things to think about when creating submission content used for gaining product approval from regulatory bodies.

Key Learnings:

  • Overview of current regulatory landscape
  • Pitfalls to avoid with regulatory submissions
  • Additional considerations to consider while operating within the medical device ecosystem

Who Should Attend?

  • Medical Device Cybersecurity Practitioners & Management
  • Regulatory Affairs Specialists & Management

Speaker: Nimi Ocholi, Director, Product Security, Medtronic


4:00 – 4:30 PM
Must-Have Contract Security Language (and a COVID-19 Perspective)

Session examines the identification and actions taken by a healthcare IT security organization to mitigate vulnerabilities associated with a published healthcare IoT vulnerability (i.e. GE CARESCAPE). GE CARESCAPE collects patient physiological data and waveforms, together with demographic data, at the patient-side in real-time and collects that data over a shared network.

Key Learnings:

  • Differentiating between “good” and “bad” contractual language
  • What detailed policies and procedures should be required
  • Audit considerations

Who Should Attend?

  • In-house legal
  • Outside counsel
  • CEO, CFO, COO, CPO

Speaker: Eran Kahana, Attorney, Maslon LLP

Session supported by:

Thank you to our Healthcare & Med Device Host

Thank you to our Healthcare & Med Device Supporters


Sponsorship Opportunities

To learn about available sponsorship opportunities, contact Jennifer Churchill at 763-548-1306 or jennifer.churchill@eventshows.com.


As featured in the Star Tribune, healthcare and medical device organizations are prime targets of cyber-attacks – but now they are striking back.”
CATHARINE TREBNICK AND KYLE BAUSER
“The Twin Cities is a hotbed of medical device development and a perfect location to hold a Healthcare and Medical Device Security workshop. We are putting together a program that should be of particular help for smaller manufacturers and health care providers. It will be a very worthwhile program to attend.”
KEN HOYME, 2019 CO-CHAIR