Healthcare Data Governance & Cyber Security Training Workshop

March 18-20, 2018, Hotel Towers Rotana, Dubai, UAE.

Training Objectives

At the end of this programme, participants would understand key elements of cyber security, information governance and compliance requirements within health and social care. Delegates would have an understanding of the strategic approaches at national and local level, risk management, incident management and resilience mechanisms.


Trainer(s) of this Training

Dr. Elena Beratarbide

PhD, MeHealth, IEng, BComp, BBA, CISA, DPO
Information Governance and Security Lead for the National Health Service (Scotland) 


This programme will present an overview of the health and social care cyber security and data governance setting. It will provide ideas, information and skills required to manage the risk related to the processing of information in complex health and social care data flows.
 

Delegates would have a better understanding of modern approaches to fighting cyber crime and providing information assurance through a managed framework (ISMS).
Participants will have the know-how to:

  • Develop information security strategies at national and local level,
  • Value information as a health and social care asset,
  • Understand and manage the associated risks,
  • Recognize typical cyber security controls and threats,
  • Define continual improvement plans for a healthcare ISMS
  • Frameworks and toolkits for healthcare organisations.
  • IG Toolkit, ISMS gap analysis tools.
  • National Information Security Policy Framework.
  • Understand the regulatory environment: Health Service Operating Frameworks and IG Assurance Frameworks, Developing Cyber Security and IG Strategies.
  • Appreciate the human factor in the cyber security safety chain, and identify effective training and awareness campaigns.
  • Appreciate the role of internal audit in providing independent information assurance whilst helping to improve ISMS efficiency.
  • Effectively monitor ISMS progress and demonstrate the ISMS benefits to the healthcare organization and the public.
  • Using ISMS to ensure GDPR compliance.
  • GDPR compliance assessment tools and ISMS continual improvement plans.
  • Implications of GDPR for healthcare organisations.
  • National Cyber Security Strategy 2016/2021 (UK) and the DoD Cyber Strategy (USA)
     
  • C-Level Healthcare Executives:
    • CEO, CIO, CMIO, COO, CMO, CSO, CNO etc.
  • Heads, Managers, Officers & co-ordinators of:
    • Data Governance
    • Data Security
    • Data Analytics
    • Data Information
    • Information & Communication Technology
    • Information Technology (IT)
    • Medical Informatics
    • All other professionals who are interested in learning about healthcare data governance & security
       
  • Health Ministries
  • Health Authorities
  • Medical Cities
  • Private Hospitals
  • Medical Centers
     
  • Presentations & Lectures
  • Group Discussions
  • Workshop, Exercises & use cases
  • Certificate of Achievement
  • Course material & Handouts
  • USB device with all material
  • Study binder
  • International buffet Lunch with coffee/tea breaks
     

Hotel Towers Rotana
Dubai, United Arab Emirates
P.O. Box 30430 Dubai U.A.E
00 971 (0) 4 3122130

Course Fee $1,900/Participant

Individual
Book & pay on or before Feb. 15th, 2018 & get
10% additional discount: USD 1,710/participant
Corporate (Group Discount)
10% Discount on minimum of 2 Participants
 


Healthcare Data Governance & Cyber Security - Course Schedule

Day 1 - Sunday 18 March, 2018
Opening Session

Registration and Intro
 

Session One

Information Governance and Cyber Security in the real world - Cyber security as a strategic risk.

  • Understanding your data – Information Asset Registers. Data flows.
  • Understanding your risk: Information Asset Risk Assessments and Privacy Risk Assessments.
  • Top 10 threats for health care organisations.
  • Understanding and categorizing your cyber incidents.
  • Managing cyber risks nationally and locally
Morning Break & Networking
Session Two

Information Governance and Cyber Security in the real world - Understanding 3rd party risk.

  • Trusting your supplier.
  • 3rd party security assessments.
  • Managing the risk.
  • Contractual matters.
  • Information Sharing Agreements and Data Processor Agreements.

Case studies/discussion sprints:

  • Health Service risk registers
  • National cyber security risk alerts
  • Health care information and cyber security incidents.
     
Lunch Break & Networking
Session Three

Responding to cyber security incidents and data breaches.

  • Challenges and guidance for healthcare organisations: preparing for threats, Incident Response Process, Disaster Recovery Plans, Evidence Collection and Preservation, Incident Investigation, Root Cause Analysis and Incident Reporting.
  • Building skilled resources to speed up response capabilities, recovery and resilience.
Evening Break & Networking
Session Four

National resilience units and healthcare. Notification to supervisory authorities, fines and embarrassment
Case studies/discussion sprints:

  • Dosimetry Monitoring System incident: data processor cyber attack.
  • WannaCry incident.
  • Data disclosure incidents in health care organisations: email, social media, Patient Administration System
     
Day 2 - Monday 19 March, 2018
Session One

Improving cyber readiness and resilience in health care settings.

  • Effective use of Cyber security and information governance standards in the real world.
  • Frameworks and toolkits for healthcare organisations.
  • Planning your ISMS for the future.
  • National vs. local approaches.
  • Monitoring effectiveness at national and local level.
     
Morning Break & Networking
Session Two

Improving cyber readiness and resilience in health care settings.

  • Architectural controls
  • Data controls
  • Hardware controls
  • Network controls
     
Lunch Break & Networking
Session Three

Improving cyber readiness and resilience in health care settings.

  • Software controls
  • User controls
  • ISO27001 Controls
     
Evening Break & Networking
Session Four

Case studies/discussion sprints:

  • IG Toolkit
  • ISMS gap analysis tools.
  • National Information Security Policy Framework.
  • National resilience monitoring
  • Archetype for National Critical Infrastructure Cybersecurity for Middle East region.
Day 3 - Tuesday 20 March, 2018
Session One

Regulatory Environment for Healthcare Organisations
Legislation, policies, codes of practice and guidelines: Supervisory Authorities regulations, Data Protection (GDPR), Duty of Confidentiality, Freedom of Information, Integrated Health and Social Care, Access to Health Records, Public Records, Criminal Justice and Immigration, Data Handling, Health Service Operating Frameworks, IG Assurance Frameworks, Human Rights, Computer Misuse, Privacy and Electronic Communication Regulations, PCI/DSS, Records management.

Case studies/discussion sprints:

  • GDPR compliance assessment tools
Morning Break & Networking
Session Two

Developing Cyber Security and IG Strategies.

  • Fighting cybercrime in the 21st century. Modern approaches.
  • Elements of effective Cyber Security and IG strategies.
  • National vs Local strategies and policies.
  • Strategic policy frameworks for health and social care.
     
Lunch Break & Networking
Session Three

Case studies/discussion sprints:

  • National Cyber Security Strategy 2016/2021 (UK)
  • The DoD Cyber Strategy (USA)
     
Evening Break & Networking
Session Four

Information Security Management Systems

  • Governance.
  • Continual improvement.
  • The human factor in the cyber security safety chain. Training and awareness.
  • Internal audit.
  • Monitoring progress.

Case studies/discussion sprints:

  • ISMS continual improvement plans.

Summary of the course

  • Closing remarks
  • Certificate distribution
     
Course Program
Time              Topic
08:00 to 08:30    Registration & Introduction
08:30 to 10:00    Session One
10:00 to 10:15    Morning Break & Networking
10:15 to 12:15    Session Two
12:15 to 13:15    Lunch Break & Networking
13:15 to 14:45    Session Three
14:45 to 15:00    Evening Break & Networking
15:00 to 16:30    Session Four