Information Security in Medical Informatics Nicholas Davis UWMadison, Division of Information Techno - PowerPoint PPT Presentation

1 / 69
About This Presentation
Title:

Information Security in Medical Informatics Nicholas Davis UWMadison, Division of Information Techno

Description:

How Information is Critical in Healthcare. Security Problems in a healthcare environment ... The Hacker's Credo Play By the Rules ... – PowerPoint PPT presentation

Number of Views:145
Avg rating:3.0/5.0
Slides: 70
Provided by: Swis7
Category:

less

Transcript and Presenter's Notes

Title: Information Security in Medical Informatics Nicholas Davis UWMadison, Division of Information Techno


1
Information Security in Medical
InformaticsNicholas DavisUW-Madison, Division
of Information Technology
2
Overview
  • Introduction
  • How Information is Critical in Healthcare
  • Security Problems in a healthcare environment
  • Medical Records Privacy
  • US Laws
  • Technology Developments
  • Digital certificates and PKI
  • Password crackers
  • Packet sniffers
  • Port scanners

3
Evolving Landscape in Healthcare Information
Security
  • Minimal disclosure
  • Risk analysis at core
  • Auditing procedures
  • Authentication
  • Access profile
  • Emergency procedures for systems failing open vs.
    failing closed

4
Major Areas of Concern
  • Audit trails
  • Printing, data transfers (FAX)
  • Authentication of sender and receiver
  • Non-repudiation
  • Network access
  • Training and awareness
  • Thin clients vs. thick clients

5
How Information Exchange Has Evolved Over the
Past 25 years
  • Patient care instant access to current,
    correct, readable data
  • Data transfer to other external treatment
    facilities
  • Prescriptions written vs. electronic
  • Insurance and billing business processes
  • Notification of infectious diseases to state and
    federal authorities
  • Telemedicine (DICOM)

6
Security Issues in the Real World Healthcare
Environment
  • Networks not integrated
  • Testing labs have disparate systems
  • Doctors' PCs largely uncontrolled and unprotected
  • Workstations not tied to individuals, often
    shared among several people
  • This environment encourages poor security
    practices

7
Controlling Access to Sensitive Systems
Security Means Added Complexity
  • Data protection conflicts with ease of use
  • Password management poses problems
  • Medical and non-medical staff dont cooperate
  • Non-medical use a reality
  • Shared responsibilities complicate audit trail
  • Medicine is a high-stress job. Healthcare
    professionals just want to do their job without
    hassle from technology
  • Access rights, read, write, append

8
Role Based Access Control
  • How much patient data should be available to
  • Treating physicians?
  • Consulting physicians?
  • Medical students?
  • Pharmacy staff?
  • Dietary staff?
  • Outpatient treatment personnel after patient
    discharge?
  • Employees in multi-facility applications
    (clinics)
  • Vendors (Managed Care reps, technicians)?
  • Information technology staff?
  • Volunteers?

9
Role Based Access Control
  • Individual users should not be assigned rights
    too difficult to track and change as roles evolve
  • Users should belong to groups
  • Groups should be granted access rights
  • Policy should be established for regular audits
    and updates of group membership (semester /
    academic year, etc/)

10
Social Engineering Threats
  • What is Social Engineering?
  • In person impersonation
  • Telephone impersonation
  • Brute force attacks

11
Social Engineering
  • Online discharge summaries available to everyone
    in hospital. A little bit of information is all
    people need to gain trust vicious circle
  • Do use your system access rights to let someone
    else on the system
  • Criminals use patient info for blackmail
  • Staff use patient data to get dates or to stalk
    victims. Everyone can become spooky given the
    right circumstances

12
Moving From Paper to Electronic Auditing
  • Paper records let medical-records staff
  • monitor usage usually highly professional
  • Paper records provide good security simply
  • because of lower accessibility
  • However, paper records are really hard
  • to search and use.

13
Electronic Auditing
  • Hybrid systems use online databases with
  • manual input of usage records. Can be
  • tedious and potential exists for error.
  • Modern systems create audit entries as
  • Systems are accessed.
  • Use audit and reporting software to analyze
  • records.

14
Having Tracks Is Not Good Enough
  • Who will analyze audit
  • trails?
  • Need exception reports
  • Public Knowledge that
  • an audit trail exists is a
  • deterrent to misuse.

15
Historical Medical Information Access Challenges
  • Risk from poorly-controlled data access
  • Fears are hindering effective use
  • Limited awareness, little understanding among
    healthcare professionals
  • Ineffecient access methods
  • Inadequate controls drawn from other work
    environments

16
There Is Hope!
  • Education is essential!
  • Develop Informatics Risk Management Committee
    with members representing a true cross section of
    your operating environment
  • Resources must be assigned to improve security
    (Security costs real money)
  • Requirements are stringent but must be met
  • Passwords make people feel better, but a stronger
    system for authentication and authorization needs
    to be adopted
  • Security awareness must be an ongoing process

17
Why is Privacy of Medical Records So Important?
  • Doctor patient relationship
  • Privacy and Confidentiality Different?
  • Regulations Affecting Patient Records (HIPAA is
    of primary concern) If you can meet HIPAA, you
    are gold!
  • Basic Principle of Medical Informatics Security
    Need to know basis

18
Medical Record Security
  • Technology has always incited worry
  • Rights of privacy
  • Unreasonable intrusion
  • Appropriation of name, appearance
  • Unreasonable publicity
  • Misrepresentation

19
Government Regulations
  • Privacy Act of 1974
  • Health Insurance Portability and Accountability
    Act of 1996 (HIPAA)
  • State-Specific Privacy Security Laws
  • Electronic Signature Act of 2000

20
HIPAA
  • Goals of HIPAA
  • HIPAA Approach Authenticate Protect Provide
    Assurance
  • Penalties in HIPAA
  • Expectations Impacts of HIPAA are vague at best
  • HIPAA Privacy Rules

21
HIPAA Goals
  • Tie the healthcare industry together
  • Save money
  • Increase productivity and efficiency
  • Lower the costs of products based on implementing
    a more limited number of standards
  • Lower administrative and back-office costs by
    lowering error rates, creating cleaner claims,
    speeding payments
  • Lower the costs of maintaining and managing the
    healthcare IT infrastructure

22
The Use of Electronic Signatures
  • Electronic Signatures in Global and National
    Commerce Act
  • Allows e-signatures to have same legal weight as
    pen-and-ink signatures
  • Currently determined on a state by state basis

23
Electronic Signatures
  • Effects on HIPAA are as yet uncertain
  • Remains to be seen what will be accepted as
    electronic signature
  • Image of signature?
  • Cryptographic signature?

24
The Technology
  • Card/token systems
  • People would leave tokens behind
  • Card-swipe systems
  • People would leave systems logged on after they
    left
  • Biometric systems
  • Expensive user resistance
  • Same problem of failure to log off
  • Proximity card/token systems promising

25
Proximity Based Authentication and Authorization
  • Usually radio-frequency responders
  • Base station recognizes token
  • Communicates with access-control system
  • Initiates automatic logon
  • Can have two-factor authentication
  • Immediate screen lock when user leaves
  • Can even have session follow staff members
  • Instant access to screen anywhere
  • Reduces delays

26
Usernames and Passwords
  • Why do we have usernames and passwords?
  • Authenticate and Authorize
  • Why are usernames and passwords a bad idea?
  • Theft, sniffing, shoulder surfing, brute force
    attacks, concurrent usage, intentional sharing to
    thwart technical controls.

27
One Time Password Devices
  • RSA SecurID
  • Addresses many username/password concerns
  • Time based
  • Event based
  • Only good for authentication

28
Digital Certificates
  • What is a digital certificate?
  • Authentication
  • Authorization
  • Non-repudiation
  • Encryption
  • Email, documents, system access, physical access

29
The Threats of Portable Data
  • Theft and misappropriation
  • Consistency and version control
  • Lack of an authoritative source

30
The Importance of Systems That Fail Open
  • Failing open vs. failing closed
  • Reasonable assurance depends on risk at hand
  • What might be acceptable in the ER might not be
    acceptable in the Foot and Ankle Clinic

31
Takeaways From Todays Session
  • It is your job to protect PHI
  • Just because you cant see it happening, dont
    assume it isnt happening
  • Retain only necessary data
  • Dont circumvent technical controls

32
The Hackers Credo Play By the Rules
  • Contrary to popular belief, hackers dont break
    the rules
  • Hackers find weaknesses in the rules and then
    exploit those weaknesses
  • Only the king has access to the goldI guess
    Ill have to become a king!

33
Protecting Email With a Digital Certificate
  • Digitally sign your messages
  • Encrypt email to others
  • Try it out today in the computer lab

34
What is PKI?
  • PKI is the acronym for Public Key Infrastructure.
  • The PKI system ensures confidentiality,
    authenticity, integrity and non-repudiation of
    electronic data.
  • Principles of public key cryptography and the
    public-private key relationship are the basis for
    any PKI
  • The Infrastructure part of PKI is the underlying
    system needed to issue keys and certificates and
    to publish public information.

35
Confidentiality, Authenticity, Integrity, and
Non-repudiation
  • As the wired world progresses, we will
    become increasingly reliant upon electronic
    communication both within and outside of the
    UW-Madison campus network. We want to be careful
    to protect our online identity and confidential
    information. PKI can help us with this.

36
Confidentiality
  • Means that the information contained in the
    message is kept private and only the sender and
    the intended recipient will be able to read it

37
Authenticity
  • Verification that the people with whom we are
    corresponding actually are who they claim to be

38
Integrity
  • Verification that the information contained in
    the message is not tampered with, accidentally or
    deliberately, during transmission

39
Non-repudiation
  • There can be no denial on the part of the
    sender of having sent a message that is digitally
    signed

40
How does PKI accomplish all of these things?
  • Data Encryption
  • Digital Signature
  • Root Authorities

41
  • Encryption refers to the conversion of a message
    into an unintelligible form of data, with the aim
    of ensuring confidentiality
  • Decryption is the reversal of encryption it is
    the process of transforming encrypted data back
    into an intelligible message
  • In public key cryptography, encryption and
    decryption are performed with the use of a pair
    of public and private keys

42
  • The public and private key pair is comprised of
    two distinct and uniquely matched strings of
    numbers.
  • The public key is available to everyone and a
    private key is personal and confidential, known
    to and maintained by the designated owner.
  • Although related, it is computationally
    infeasible to derive the private key from the
    public key and vice-versa. When one of the keys
    in the key pair is used for encryption, the other
    key has to be used for decryption.

43
  • This relationship of public to private keys not
    only enables protection of data confidentiality,
    but also provides for the creation of a digital
    signature, which serves to ensure the
    authenticity and integrity of the message as well
    as its non-repudiation by the sender

44
  • Digital SignatureAddresses the issues of
    authenticity, integrity and non-repudiation. Like
    its hand-written counterpart, a digital signature
    proves authorship of a particular message.
    Technically, a digital signature is derived from
    the content of the sender's message in
    combination with his private key, and can be
    verified by the recipient using the sender's
    public key to perform a verification operation.

45
Digital Certificates and Certificate Authorities
  • A digital certificate is a digital document that
    proves the relationship between the identity of
    the holder of the digital certificate and the
    public key contained in the digital certificate.
    It is issued by a trusted third party called a
    Certificate Authority (CA.) Our digital
    certificate contains our public key and other
    attributes that can identify us.

46
  • When a person sends a digitally signed message
    to another person, the recipient may verify the
    validity of the signature via a mathematical
    operation, using the senders chained public key
    to verify the digital signature created by the
    sender.

47
How is a certificate issued?
  • When a person applies for a digital
    certificate from a CA, the CA usually checks the
    person's identity and then generates the key pair
    on the users computer. Alternatively, the CA may
    generate the key pair for the person and deliver
    the private key to the person via secure means.
    The private key is kept by the person (stored on
    the person's computer or possibly on a smart card)

48
Encryption Example
  • Peter wants to send Ann his super secret resume.

49
Encrypting an email (continued)
  • Peter encrypts using Anns public key
  • Ann decrypts using her private key

50
Encryption (Continued)
  • If Ann wishes to send Peter a confidential
    reply, she encrypts her message using Peter's
    public key. Peter then uses his private key to
    decrypt and read Ann's reply. 

51
Digital Signature Example
  • Ann signs the email with her private key
  • Peter verifies Anns signature by running an
    operation of the digital signature against her
    public key.

52
Where is my Certificate Stored?
  • You digital certificate is stored either on your
    machine or on a cryptographic USB hardware device
  • Dual factor authentication

53
What does it actually look like in practice?
-Sending-
54
What does it actually look like in practice
(unlocking my private key)-sending-
55
What does it actually look like in
practice?-receiving- (decrypted)
56
Digitally signed and verified Encrypted
57
What does it actually look like in
practice?-receiving- (intercepted)
58
Summary Points
  • Digital Signatures can
  • Provide verified assurance to the recipient of
    your email or document that you are indeed a
    member of the UW-Madison community
  • Prove that the contents of an email or a document
    have not been altered from their original form
  • Provide certified proof that you did indeed send
    a specific email or author a specific document.

59
Summary Points
  • PKI based encryption allows you to
  • Encrypt email and files for others so that they
    are protected end to end while in transit
  • Maintain protection of email and files in storage
    on your local computer hard drive, or on any
    network drive.
  • Assist in complying with HIPAA, FERPA and other
    such government regulations.

60
Todays Practical Demonstration
  • Password cracker Ophcrack, demonstrates the
    importance of complex passwords and providing
    true physical security on machines containing
    sensitive data.
  • Your system is secured with username and
    password, therefore it must be safe, right?
  • Your system is kept in a secured area, therefore
    it must be safe, right?
  • What you cant see is a bigger threat than what
    you can see! Id rather have external bleeding
    than internal bleeding

61
Ophcrack
  • One way hash
  • Takes advantage of rainbow tables to speed its
    actions
  • Dictionary Attack
  • Brute Force Attack

62
How to Thwart Ophcrack
  • Stop using usernames and passwords
  • If you cant stop, than at least use strong
    passwords
  • Use digital certificates to control access
  • Firewall all nodes on your network
  • Implement an IDS / IPS on your network
  • Limit access to physical access only
  • Encrypt data on your host machine
  • Actually look at your audit logs once in a while!

63
Lets Crack Some Passwords Together!
  • Word
  • Excel
  • Winzip

64
Packet Sniffers and Honeypots
  • Packet sniffers can reveal a lot about your
    network and HIPAA compliance
  • Lure in potential intruders with a Honeypot

65
Is My System Secure?
  • OS doesnt matter, none are 100 safe
  • Apply security patches!
  • When you are not sure, backup, audit, restore
  • File comparison helpful, but not 100 assurance

66
Viruses, Malware, Spyware
  • What is a virus?
  • What is malware?
  • What is spyware?
  • Who can I trust?

67
What is Phishing?
  • Should I help a man in Nigeria transfer funds to
    the US?
  • How do I know when I am being Phished?

68
What Does That Little Lock in My Browser Really
Mean?
  • SSL Secure Socket Layer
  • Protection of data in transit
  • Protection of data at rest
  • Where is the greater threat?

69
Questions and Comments
  • Nicholas Davis
  • PKI Project Leader
  • UW-Madison, Division of
  • Information Technology
  • ndavis1_at_wisc.edu
  • 608-262-3837
  • Please dont hesitate to contact me if you have
    any questions!
  • Thanks for having me here today!
Write a Comment
User Comments (0)
About PowerShow.com