Healthcare Cybersecurity, Privacy, and Data Protection

Healthcare cybersecurity, privacy, and data protection are foundational to modern healthcare operations. Healthcare organizations operate in complex environments that rely on trusted virtual and physical access by both human and nonhuman entities, as well as an extensive network of vendors, service providers, and third parties that support clinical, administrative, and technical functions. Despite these challenges, everyone needs to work together to safeguard patient information, systems, networks, devices, applications, data, and other resources. This book offers practical guidance for individuals involved in healthcare cybersecurity, privacy, and data protection, as well as international stakeholders.

Lee Kim JD CISSP CIPP/US is a global cybersecurity expert and a practicing attorney (AV peer review rated). Lee serves as a National Visiting Committee member of the National Cybersecurity Training and Education Center. Lee is also a founding charter member of the InfraGard Cyber Health Working Group. Previously, Lee served on the SANS Securing the Human Healthcare advisory board, (ISC)2 Government Advisory Council Executive Writers Bureau, and participated on working groups to draft the National Cybersecurity Incident Response Plan and the NIST Cybersecurity Baldrige Excellence Builder. Significant initiatives include proposing and advocating for significant portions of the Cybersecurity Act of 2015, assisting Congressional staffers with legislative and oversight matters, and teaching before a wide variety of audiences on cybersecurity and data protection. Lee has served as a subject matter expert domestically in the United States and internationally, including in Canada, Italy, and Singapore. Lee is well versed in public policy as well as legal and regulatory frameworks both in the United States, Europe, and in the Asia-Pacific region. Lee regularly works with CxOs, policymakers, attorneys and others regarding cybersecurity and data protection matters. Lee has a significant publication record in the United States and elsewhere spanning intellectual property, cybersecurity, and data protection matters. Lee speaks before a wide variety of audiences, including the American Bar Association, Software Engineering Institute CERT Division, Carnegie Mellon University, Cisco, Industrial Control Systems Joint Working Group, DHS, FDA, InfraGard, HHS/OCR and NIST, PBI, Research America, Strafford, US Telcom Association, and Verizon. Lee is frequently featured or quoted by various media outlets, including the Canadian Broadcasting Corporation, Associated Press, Axios, Politico, Forbes, Wired, Huffington Post, and the Times of Israel.

Chapter 1: Introduction to Cybersecurity. Chapter 2: Overview of the Healthcare Cybersecurity Threat Landscape. Chapter 3: Identity, Access Management, and Authentication in Healthcare Cybersecurity. Chapter 4: Malware. Chapter 5: Major Breaches in Healthcare. Chapter 6: Governance. Chapter 7: Healthcare Cybersecurity and the Board of Directors. Chapter 8: Social Engineering in Healthcare: Why, How, and What to Do. Chapter 9: Information Sharing in Healthcare Cybersecurity. Chapter 10: Artificial Intelligence and Healthcare Cybersecurity. Chapter 11: Advancing the State of Healthcare Cybersecurity with Innovation