Privacy & Security Forum Boston 2016

The square will feature Market Debuts sessions, the NursePitch competition, and HIMSS Winner Circle, all focusing on emerging tech, startups and innovation.

CISOs, CIOs and infosec pros gathered in Boston this week to tackle a range of security matters, from breach response to worsening cyberattacks to ways in which health IT pros are heroes. Here's a look at the highlights.

After his organization lost health data, Micky Tripathi discovered some hard lessons to breach reporting and recovery.

Over the course of just a few months, Massachusetts-based Partners HealthCare experienced four separate data breaches across its affiliate hospitals. That gave the health system some valuable real-world experience in breach response, said CISO Jigar Kadakia.  

Many security breaches begin with en email that allows malware enters the organization  healthcare institutions begin as a result of phishing.

Penetration or pen tests are an increasingly popular way to find the access points on a network that can be exploited by hackers.

A successful cyber-security program requires a comprehensive approach.

Hackers are getting in at the user level, but by using software-defined networking, organizations can reduce the amount of exposed information.

Focus on the patient experience. Embrace existing business models. Chase the Triple Aim. But avoid hospitals for pilot projects.

HHS Office for Civil Rights said the chances of getting audited are slim, but officials offered advice about what they're looking for when they do conduct an assessment.