Establishing a Medical Device Security Program
Instructor:
Robert Mai
Product ID: 705841
Training Level: Basic to Intermediate
- Duration: 60 Min
Why Should You Attend:
The past decade has seen an intertwined evolution of medical device security threats, regulatory and customer requirements, and the emergence of industry leading practices. Given the impact of these evolving factors, the future of healthcare will continue to be driven by technological advancements, customer demands for functionality and ease of use, and regulatory oversight.
Unfortunately, leaving security as an afterthought for decades, combined with the long life of medical devices in the field, has caused many connected medical devices on the market today to have significant cybersecurity vulnerabilities that can be exploited to gain unauthorized access to data or directly impact patient safety. Although there have been impactful improvements over the past decade, limited resources have made it difficult to comprehensively address medical device cybersecurity risks throughout the device lifecycle through end-of-life.
Attend the webinar to understand how a mature Medical Device Security Program™ can increase effectiveness and consistency in the execution of security mitigations, including improved collaboration and communication between medical device manufacturers and healthcare providers. This session will explore key positive and negative industry trends and best practices and explain how a programmatic approach be followed by medical device manufacturers and healthcare delivery organizations to secure connected medical devices throughout their lifecycle and reduce risk to patient safety and information security.
Areas Covered in the Webinar:
- Medical device security risks / overview
- Industry landscape
- Product Security Program
- What are leading practices?
- Key takeaways
Who Will Benefit:
- Medical device manufacturers (Product / Quality / IT / Security Teams)
- Healthcare delivery organizations (IT / Biomedical Teams)
- Patients / Concerned consumers
- Security Professionals
Robert Mai
Senior Manager, Cyber Risk Services at Deloitte and Touche LLP
Over 15 years of experience in information technology, security, regulatory compliance, and business process & technology controls. He has served his clients in a wide range of cyber risk roles which includes establishing and enhancing security, privacy, and compliance programs; cyber security strategies/roadmaps based on leading industry and regulatory requirements (HIPAA, NIST, ISO, PCI, SOX, FDA) etc.
Global portfolio leader for Deloitte's MeDSS practice. In this role, Robert assists medical device manufacturers and healthcare delivery organizations in designing, developing, and implementing holistic medical device security programs. He has led multiple initiatives with his client around medical device security program governance, maturity assessments, product security risk assessments, and technical security testing.
Lucas Rice
Lucas Rice is a Senior Consultant specializing in product security within Deloitte & Touche’s Cyber Risk practice. He is a member of Deloitte’s Medical Device Safety and Security (MeDSS) team, which helps product manufacturers manage the risks associated with their developed, marketed, and fielded products and customers manage the risks of their acquired products.
On the team, Lucas is the Process Solutions Lead, whose experience includes advising clients on product security process solutions through performing maturity assessments of product security programs, helping clients design, develop, implement, and operate product security programs, and providing clients with a roadmap for how to integrate security processes into their product development lifecycle.
Lucas has had the opportunity to serve a number of clients on the MeDSS team, ranging from large device manufacturers, to regional hospitals. He has also had experience helping a wide range of organization in other industries with their cyber security and product security programs: from technology and utilities to chemicals and heavy equipment organizations.
Refund Policy
Our refund policy is governed by individual products and services refund policy mentioned against each of offerings. However in absence of specific refund policy of an offering below refund policy will be effective.
Registrants may cancel up to two working days prior to the course start date and will receive a letter of credit to be used towards a future course up to one year from date of issuance. ComplianceOnline would process/provide refund if the Live Webinar has been cancelled. The attendee could choose between the recorded version of the webinar or refund for any cancelled webinar. Refunds will not be given to participants who do not show up for the webinar. On-Demand Recordings can be requested in exchange. Webinar may be cancelled due to lack of enrolment or unavoidable factors. Registrants will be notified 24hours in advance if a cancellation occurs. Substitutions can happen any time. On-Demand Recording purchases will not be refunded as it is available for immediate streaming. However if you are not able to view the webinar or you have any concern about the content of the webinar please contact us at below email or by call mentioning your feedback for resolution of the matter. We respect feedback/opinions of our customers which enables us to improve our products and services. To contact us please email [email protected] call +1-888-717-2436 (Toll Free).
