Session ID: 
408

Transforming Logical Access Control for a Hospital Network

1:30pm - 2:30pm Wednesday, March 7
Las Vegas - Venetian Convention Center
Galileo 904

Description

St. Luke’s is transforming the process of logical access control from a manual system to an automated system with the goals of improved security, easier to use, more efficient and to be cost effective and privacy enhancing. Growing rapidly, St. Luke’s today has 7 hospitals and 325 locations in Pennsylvania and New Jersey. In 2016 St. Luke’s had 62,000 inpatients and one million outpatients. As a result manual systems have become more cumbersome and challenging to manage. This is most evident in providing selective access to over 400 applications, systems and servers. The new program will automate much of the process. The high level architecture of the access control system is a hybrid of a role-based access control (RBAC) and attribute-based access control (ABAC). The HR system will be the source of truth while the access control system will hold access roles and attributes. Core to the planning phase is an understanding of the organization’s people, processes and applications.

Learning Objectives: 

  • Analyze the time and budget required to transform a hospital system to automated access control
  • Explain the value of using a hybrid access control using both RBAC and ABAC
  • Perform an analysis of the number, type and access requirement for the organizations applications
  • Illustrate a methodology to build a comprehensive organizational chart and reporting structure
  • Discuss the differences between job titles and access roles and attributes

Speaker(s): 

CISO-Interim ,
St. Luke's University Health Network...
Chief Executive Officer,
Thornebrook, LLC
Continuing Education Credits: 
ABPM
1.00
CAHIMS
1.00
CME
1.00
CNE
1.00
CPHIMS
1.00
IAPP
1.00
PDU
1.00

Audience: 

CIO, CTO
IT Professional
Security Professional

Level: 

Intermediate

WHERE THE WORLD
CONNECTS FOR HEALTH