SANS Security East 2021 features 20+ courses - Register now to get a MacBook Air or Microsoft Surface Pro 7 or Take $350 Off


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

EHR Vulnerability Reporting A Cause for Concern?

  • Tuesday, October 11, 2016 at 11:00 AM EDT (2016-10-11 15:00:00 UTC)
  • Greg Porter

You can now attend the webcast using your mobile device!



In 2015, 84% of all U.S. hospitals were utilizing a basic electronic health records ("EHR") system, as government incentives meant to drive EHR adoption and their use have generally been successful. Yet, the very systems designed to store, process, transmit, and maintain electronic protected health information ("ePHI"), while shepherding in a promising new era of accessibility and the sharing of medical data, are also providing additional opportunities for theft and fraud.

In this presentation, Greg Porter of Allegheny Digital will discuss the current state of EHR security vulnerability reporting, the use of "Certified Health IT Products," and noteworthy testing observations. He will conclude by providing attendees with practical considerations for developing an EHR focused assessment program to identify and monitor software and configuration based weaknesses.

November 14-21 | Houston, TX

Join us at the Healthcare Cybersecurity Summit to hear even more talks like this. As an attendee, you will walk away with cyber hygiene strategies that address the most pressing issues in healthcare today: ransomware, data breaches, security awareness training, and understanding their health eco-system and where ePHI resides.

Speaker Bio

Greg Porter

Greg Porter is the Founder of Allegheny Digital, an information security firm specializing in enterprise security operations, incident response, and network security monitoring. For the past several years, Mr. Porter has both led and delivered comprehensive Health Insurance Portability and Accountability Act ("HIPAA") security assessments that monitor, test and audit the effectiveness of information system controls designed to protect patient data. Most recently, he has been focused on the availability of Protected Health Information ("PHI") on the public Internet as well as examining the secure configuration of electronic health records systems.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.