Protenus to Present at IAPP Privacy. Security. Risk. 2018
Stacey Davis to present on how advances in user behavior analytics provide powerful tools in identifying true threats to patient data
Austin, TX -- Protenus, a healthcare compliance analytics platform that protects patient privacy at our nation’s leading health systems, announces today that Stacey Davis, Vice President of Business Development for Protenus, will present with David Holtzman, the Vice President of Compliance Strategies for Cynergistek, on the use of user entity and behavior analytics (UEBA) to identify anomalous and potentially risky behaviors within healthcare information systems. The use of clinical context and behavior analytics is an emerging field in privacy monitoring, with AI-powered platforms able to analyze 100% of all accesses in the Electronic Health Record (EHR) to accurately detect threats to patient data. This use of artificial intelligence to provide healthcare organizations the ability to proactively protect patient privacy led to Protenus winning the 2016 HPE-IAPP Privacy Innovation Award.
Davis and Holtzman’s joint presentation, titled “Behavioral Analytics Role in Assuring Data Security,” will explore advances in UEBA that allow for healthcare privacy officers to gain full visibility into how users are accessing patient data, allowing healthcare organizations to better protect patient privacy and proactively detect true threats to PHI.
“Some organizations have invested in components that, when used together, provide some behavioral analytics capabilities. However, most have not come close to having a robust system in place, and the problem lies in the complex nature of the healthcare environment,” stated Davis. “The first step in detecting insider threats to your organization is to understand what constitutes normal workflows for your users and business associates. By reviewing 100% of accesses and using clinical context to demonstrate appropriate vs inappropriate behavior, risk can be reduced across the enterprise.”
Currently, health systems predominantly use tools that reactively respond to suspected patient privacy violations, run routine reports, and facilitate manual audits. Similarly, the UEBA market is often focused on broad tools, applicable to many markets, that don’t focus uniquely on healthcare challenges. With at least 41% of all data breaches attributable to healthcare organization insiders, according to the Protenus Breach Barometer, this presentation will detail how organizations can reduce the risk that insiders pose to patient data by auditing every access and proactively identifying breaches to patient privacy.
The IAPP is the largest and most comprehensive global information privacy community and resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally.
To register or learn more about Stacey’s presentation, visit the IAPP Privacy. Security. Risk. 2018 website.
October 19, 2018
9:00 a.m. - 10:00 a.m.
Lonestar Ballroom C, Level 3