Session ID: 

How to Close Biomedical HIPAA Compliance and Security Gaps

2:30pm - 3:30pm Thursday, February 14
Orlando - Orange County Convention Center


Hospitals have a plethora of biomedical devices connected to the network and each device carries its own security and compliance concerns. Healthcare organizations typically keep biomed devices in use longer than other endpoint devices, sometimes for 15 years or longer. As a result, these devices are extremely susceptible to technical hacks because vulnerabilities cannot be patched. Given these devices are essential to delivering patient care, security issues can have implications on not only hospital operations, but patient safety as well. This speakers will ask four simple questions to address biomed devices and will draw from their decades of experience managing security programs to provide an overview of the primary security and compliance risk categories associated with these devices. Additionally, they will introduce proven techniques for addressing the security and management gaps that attendees can leverage within their organization.

Learning Objectives: 

  • Explain the primary security and compliance risk categories associated with biomedical equipment
  • Analyze key strategies to mitigate the risks to level within the accepted risk appetite for the healthcare organization
  • Identify the key operational and managerial actions to address the risks by assigning specific tasks and responsibilities to various key stakeholders


Associate Chief Operating Officer, Senior Director Clinical Engineering,
Duke University Health System - Duke Health Technology Solutions
Vice President, Security Strategy,


IT Professional