One RSAC talk Duo’s Thu Pham attended was about electronic healthcare record (EHR) system security.
Overall costs of data breaches have totaled $6 billion in the healthcare industry. Security is relatively immature in the industry - there are many challenges, including:
- EHR complexity as they overlap w/Enterprise Resource Planning (ERP) systems & other enterprise apps
- Vendor dependency can present security challenges since EHR patching/other maintenance is typically controlled by EHR vendor
- EHR interoperability problems - there are many likely attack vectors, such as legacy systems, mobile devices, data centers, etc.