The recent wave of catastrophic cybersecurity events has made it increasingly important for healthcare organizations to have a solid business continuity strategy – including a plan for how to deliver and document care with or without access to electronic records, said our panelists during a recent discussion. “It has reaffirmed the need to really intensify how we approach this.”
HIMSS24 Conference Wrap: Keith Duemling Says Recent Events Prove Cyber Warrants Main Stage Billing
There’s an old parenting saying, “Do as I say, not as I do.” Of course, it’s meant to get parents off the hook for not demonstrating the behavior they want emulated. Unfortunately, it rarely works, as the disconnect between talk and action isn’t lost on the little ones. When it comes to recent conferences, some […]
HIMSS Conference Preview: Keith Duemling on His Medical Device Security Session, How IT Executives Can Make Most of Shows, & Some Dont’s for Sales Folks
As the old expression goes, time is money. For executives like Keith Duemling, Senior Director of Cybersecurity Technology Protection, Cleveland Clinic, time is also about focus. That’s why he’s laser focused while at shows like HIMSS on finding ways to better protect the clinic’s patients and their data. To that end, exhibit floor games that […]
Q&A with Cleveland Clinic’s Director of Cyber Keith Duemling: Show the Business You’re an Ally
“Protecting workstations in their traditional form is not a technique that scales any longer,” says Keith Duemling, director of cybersecurity technology protection at the Cleveland Clinic. In this interview with healthsystemCIO Founder and Editor-in-Chief Anthony Guerra, Duemling talks about how he and his team of cybersecurity engineers have no small task tackling “the sheer magnitude and scale of security” at the clinic, which involves literally thousands of vendors. Third-party risk is a key trend to watch, but so is the increase in patient-owned devices being used for diagnostic purposes, Duemling says. “It’s really challenging because obviously you can’t deploy traditional tools onto someone’s privately owned device, but you are, to some degree, still responsible for the protection of their information, and certainly their protection when it comes to the care that they receive.” Ultimately, it requires building strong relationships in the enterprise and getting out in front of demand when it comes to IT.