With the impending risk in the mind, to assist healthcare organizations to prevent data security breaches, we bring you the “The 10 Most Trusted Healthcare IT Security Solution Providers” issue.
VIP Call Girl Sector 32 Noida Just Book Me 9711199171
The 10 most trusted healthcare it security solution providers 2018
1. ITSourceTEKLeading the Movement in a Risk-Based & Data-Centric
Security Approach to Thwart Cybercriminals
www.insightscare.com
September 2018
The 10Most Trusted
Healthcare
IT Security
Solution Providers
2018
Brian Arellanes
CEO & Founder
2.
3.
4. From the
Editor yber security is healthcare’s hot potato today. Cybercrimes
have affected the industry on a very large scale and there’s
Cno permanent solution reached, if it even exists. With the
rise of these threats at an alarming rate, majority of the healthcare
companies have adopted various strategies to protect their patient’s
data and all the critical information. “Busy fighting the outsiders,
less attention is paid to the menace that lies inside.” It is a known
fact that six out of ten cyber-attacks in the healthcare industry have
an insider from the organization involved.
The unpredictability of the insider threat is more than an external
one, pointing to a greater risk. Moreover, the trusted insider has
legitimate access to all the systems of the organization and hence,
the difficulty of going through the already installed security walls is
eliminated. They also know what information is stored where,
making it easier for them to breach the target data. All known and
understood, it is not wrong to say that insider cyber-attacks are one
of the greatest challenges for the healthcare industry in today’s
date.
Insider threats being hard to identify and even harder to prove,
necessary measures to eliminate them should be taken beforehand.
From background check before hiring an employee, or
collaborating with a partner, to timely monitoring the workforce to
controlled and protected access to sensitive data, healthcare
organizations today must take several steps to safeguard all its
digitally stored files. Also, more education on cyber security in
healthcare, provided to the current employees as well as the future
leaders of the industry, will help in reducing inside threats. Along
with this, the most important question you should be asking
yourself is- “What steps will you take differently if you are already
aware that you are going to be robbed, and by someone you trust?”
In the era where digitization has taken over the healthcare space,
what can be a greater threat than cyber-crime? Realizing the same,
many healthcare organizations, today, have strategized various
fences against cyber-attacks. But, most of them fail to acknowledge
the insider threats, focusing only on the external risks. As it is said
widely, ‘Cleanliness begins at home’, it is not wrong to analogize it
with the current scenario of cyber security.
The Threat
that Comes
From Within
Aishwarya Nawandhar
6. Articles
Cover Story
ITSourceTEK
Leading the Movement in
a Risk-Based &Data-Centric
Security Approach to
Thwart Cybercriminals
8
Data Cryptology
34
Tokenization or
Encryption
- ChooseWisely
Pocket Wellness
22
mHealth:The New
Horizon in the Health
Technology
28
Cybernetics
40
Strategies for Healthcare
Organizations to Combat
Cybercrime
Biomarkers
Proteins are
Better Biomarkers
than Genes
7. 24By7Security
A Comprehensive
Cybersecurity &
Compliance Solutions
Provider
16
20
26
Hashed Health
Leveraging Blockchain
Technology to Enhance
the Care in Healthcare
Haystack
Informatics
Leveraging Behavioral
Analysis to Secure
Health Systems
against Infringements
Prey
Devouring Cyber
Theft with Modernism
&Amendment
32
38
42
Seceon
Delivering Cutting-Edge
IT Security for
Healthcare’s Digitally
Transforming World
SecureNetMD
An Innovative
Technology Partner
for HealthcareLeaders
CONTENTS
8. Rendering Sophisticated
Data Security Solutions
to Leading Healthcare
Enterprises
ealthcare has witnessed extensive digitization in the recent years. Although this has remarkably transformed
the services in healthcare, it comes with a challenging side-effect: risk of information security. Healthcare
Hhas been one of the prime targets for cybercriminals; and with the healthcare data being very sensitive
in
nature, this is a major concern. It is of immense significance that the healthcare companies be aware and implement
the best practices to secure the information of their patients as well as the organization.
With the impending risk in the mind, to assist healthcare organizations to prevent data security breaches, we bring
you the “The 10 Most Trusted Healthcare IT Security Solution Providers” issue. In this issue, we are presenting
to you some of the prominent companies and healthcare solution providers, who have successfully helped the industry
to protect the patients' information and other critical healthcare data against the ever-rising cyber-attacks.
The cover of this magazine showcases the award-winning leader in the IT security industry, ITSourceTEK. It offers
risk-based and data-centric security solutions against cybercrime.
Other than this perceptive cover story, the magazine also features Haystack Informatics, a behavior analytics
company that assists healthcare providers, Prey Software which offers several cutting-edge anti-theft services,
Hashed Health solving most important problems in healthcare with blockchain and DLT, Seceon that has been
safeguarding healthcare data from potential breaches, 24By7Security, a cyber-security and compliance specialist and
advisory firm, and SecureNetMD providing HIPAA compliance managed technology solutions.Apart from these, we
have selected a few more pioneers of the industry viz. Barrier1, BeyondTrust, and Sensato.
As you journey through the magazine, make sure to not miss out on an insightful article titled ‘Proteins are Better
Biomarkers than Genes’ by Dr. Steven Pelech, the Founder, President, and CSO of Kinexus Bioinformatics
Corporation. Flipping through some more pages, you will find our masterly crafted in-house articles from Pocket
Wellness, Data Cryptology, and Cybernetics. Walking through all the pages in this magazine of ours, you will be
introduced to an interesting world of novelty.
So, turn the pages and enjoy a good read!
9.
10. ITSourceTEK
Leading the Movement in a Risk-Based &
Data-Centric SecurityApproach
to Thwart Cybercriminals
Our clients are at the center of our services.
We thrive to provide the best possible
solutions to their problems
‘‘ ‘‘
Cover Story
12. ‘‘
‘‘We provide customized
solutions to all our clients
One of the most valuable assets of a company is information. And
today, ‘digital data is the new black’. The wave of digitization has
revolutionized every profession in every sector. Like every good,
it also comes with a challenge; challenge of security. As digitization comes
bearing countless advantages and now has become inevitable, information
security is one of the greatest threats to any organization today.
ITSourceTEK is an IT security solutions company that guides its
customers to protect their data from cybercrimes. It is an award-winning
leader in the Information Security industry. The company provides
strategic business and technology based cyber security solutions that
leverage enterprise investments and improve efficiency to meet stringent
compliance standards. The team of ITSourceTEK has extensive real world
experience in leading and supporting organizations spanning across many
industries.
ITSourceTEK is driven by the mission to exceed its clients’ expectations
with exceptional service while using success to give back to charities and
the community. Honesty and transparency, with no sales pressure or
pushing a specific solution, are the key traits behind its success. The firm is
strategic with access to the best solutions, and deep relationships across
industries and technologies.
The Journey of Growth and Development
In its journey of more than a decade, ITSourceTEK has overcome many
challenges and evolved to thwart newly emerging threats for the industry’s
leading clients’ environments. At the beginning of this journey, it
supported executives on critical projects at Northrop Grumman, Wells
Fargo, and BD Biosciences. ITSourceTEK grew from those initial clients
into many other high-profile large and complex environments in both the
public and the private sectors. The technology, then, started moving away
rapidly from a controlled perimeter, due to the proliferation of smart
mobile devices, IOT, and Cloud/SaaS providers. In this, the team of
ITSourceTEK saw an opportunity to impact their clients’ security by
helping them move from only a perimeter-based security approach to a
data centric security approach. Since then, they have helped many of their
Fortune 500 clients in protecting their data by embracing the company’s
data centric approach to security.
Safeguarding Healthcare from the Very Start
Towards the beginning of its journey to protect data, ITSourceTEK helped
13. ‘‘
provide McKesson with consulting
services to securely architect and
develop its databases in support of
some of its more critical applications.
Another one of the company’s
contributions was to protect Patient
Healthcare Information (PHI). In this,
it secured more than 100 Million
Electronic Medical Records (EMR) on
a project supporting EDS/HPE for the
California Department of Corrections
& Rehabilitation. The organization
provided architecture, development,
and security of BD’s medical device
firmware and desktop based
applications used to analyze blood
work down to the genomic level for
AIDS, Cancer, and other diseases. In
addition, it has provided complete
assessments, IT support, and security
of ambulatory and surgery centers for
industry leaders like Amsurg. Now, it
is helping some of these and other
healthcare giants look at new and
exciting innovations around the
automation of Governance, Risk, and
Compliance (GRC) and securing data
in more modernized environments,
including Cloud and SaaS.
Prominent Solutions
At its nucleus, ITSourceTEK is a data
security company. Then, as it expands
outward in its offerings to protect data,the
cellular membrane of the firm
includes the following capabilities:
Data Governance, Risk, and
Compliance (GRC) Support &
Solutions- It provides assessments,
requirements, and gap analysis for
security standards (such as HIPAA,
SOX, PCI-DSS, and GDPR), and other
regulatory requirements. It creates
policies and provides solutions to fill
We help our clients protect
their valuable data and assets
from multi-directional threats
Nina Do,COO
14. ‘‘We are not
a sales-based
organization,
rather a trusted
advisory solution
provider
‘‘
any gaps and achieve compliance, ensuring that the
companies meet stringent security standards for
how their data is used, managed, and stored.
Data Encryption, Masking, and Tokenization- It
helps to protect sensitive structured and
unstructured data while at rest and in motion. This
can start at the user interface, on the web or internal
application, and extend through the back-end
systems or data lakes, including Cloud/SaaS
providers. Regardless of the storage location or file
type, it helps to transparently encrypt the
unstructured data to exceed compliance
requirements.
Threat Detection and Policy Enforcement- With the
advanced data science and machine learning, it
helps to develop analytics and create inline
protection to enforce security policies for the
protection of sensitive data in real-time. Its
solutions help to detect anomalies before data and
IT, IoT, and OT systems are compromised. They
also analyze, protect, and report threats from
malicious insiders, ransomware, and other policy
violations using Application and Database Security
Platforms, autonomous threat intelligence, NAC,
and/or combination of these solutions.
DNS and WAF Protection- DNS ports are becoming
a common path for stealing data, as DLPs and other
solutions can’t detect the theft. It addresses these
vulnerabilities and provides protection against
threats such as data exfiltration through the ports in
the DNS. Its recommended DNS and WAF
solutions prevent or mitigate impact from DDoS
and other mission critical attacks.
Cloud Security Strategies and Solutions- It helps to
develop automated security functions to extend
protection as the data and applications move to
Cloud and SaaS platforms. This also includes
automation of policies and configurations for
provisioning and data management functions.
Guided by the Diverse and Resilient Leadership
Team
Brian Arellanes, CEO and Founder, is an
accomplished professional with 20+ years of
award-winning leadership in the technology and
security space. He collaborates with and advises
some of the top C-level executives and Security
professionals in the world, while also finding time
to feed his passion of giving back to the
community.
The10MOSTTrusted
Healthcare
ITSecurity
SolutionProviders2018
15. The COO, Nina Do, has been with ITSourceTEK for 11+
years leading the operational aspects of the company, which
includes Marketing, Advertising, Process Design and
Governance, HR, Payroll, and A/P functions. Nina’s past
experience as an Advertising Executive with a creative
focus for some of the largest global firms has helped her to
streamline messaging and operational efficiencies that better
meet the needs of ITSourceTEK’s employees and clients,
while reducing costs with automation.
Walter Jones, CIO, is a technology mogul with 40+ years
of experience, many of which were at a C-level, leading
thousands of employees at Fortune 50 organizations like
Wells Fargo. Walter’s passion to accomplish business
objectives while bringing up the next generation of thought
leaders is second to none.
Matt Whitmarsh is the EVP and a trusted andexperienced
leader having more than 25 years of technology and
security experience. He has led large public and private
sector projects responsible for P&L, internal and 3rd
party
resources, and delivery of complex systems.
The Director of Operations, Jean Dubois, is a seasoned
leader with 25+ years of experience that is well versed in
financials and streamlining processes. Her entrepreneurial
spirit brings a creative and people oriented approach to
running operations.
Idiosyncratic tactics
A key differentiator for ITSourceTEK is its unique
approach. It is not a sales-based organization, rather a
trusted advisory practice for its clients to draw upon. As
thought leaders in the data security and compliance space,
the company invests heavily in understanding the best
practices and solutions available. Its client relationships are
all managed by trusted executives that have been executives
in similar roles as its clients; this is advantageous to
immediately provide insights based on their real world
experience.
Furthermore, it is product agnostic and is constantly
evaluating proven and emerging technologies.
ITSourceTEK helps its clients to look at the solutions that
have been thoroughly vetted, to help them avoid costly
investigative efforts and/or delays associated with the
vetting process. As it relates to product-based solutions,the
firm's value is further added by bringing strong partner
relationships to its clients at the executive level and high
partner status with deep discounts above the regular buying
power. Along with this, it constantly looks for ways to
automate its internal processes; advising similarly to its
clients. This ensures that its employees have the best tools
and methods to accomplish their tasks. ITSourceTEK also
invests in conferences, seminars, and training courses to
help its employees stay ahead in this competitive industry.
Accolades and Reverence
ITSourceTEK has earned many awards since 2006. Some
of their top honors by some prominent sources from a past
few years include Minority Cyber Security Company of the
Year 2017, Most Valuable Healthcare Solution Provider
Companies 2017, Top 10 Healthcare Compliance Solution
Providers 2016, HP Supplier of the Year for NMSDC 2013
& 2015, and 100 Fastest Growing Hispanic Business in the
USA 2012-2014, amongst many others.
The greatest achievement for any company is the
acknowledgement from its clients. ITSourceTEK has been
praised for always being highly responsive to its client’s
requests to help them fully achieve their goals with a strong
return on investment. Its clients have also appreciated the
company’s technical and strategic depth to help steer them
in the right direction and for finding creative ways to ensure
that they don’t exceed budgetary thresholds.
Arm-in-Arm with the Developments in Security
Industry
With the continual pressure to increase security and
regulations to match, ITSourceTEK’s viewpoint is simple;
protect the data by building a proper governance program
with policies and the technology to enforce them. Asevery
organization is at a different level of maturity and has a
different level of commitment (or budget) to do everything
required; it creates customized solutions for each client.
Addressing the public outcry to increase the level of
protection used for their data, the firm is constantly
evaluating new ways to do so efficiently.
Future Plans
ITSourceTEK looks to continue building its reputation as a
thought leader in the data security and GRC space to help
drive wider adoption of its data centric security and risk-
based approaches.
We believe in
giving back to
those in need
‘‘ ‘
16. Check should be drawn in favor of: INSIGHTS SUCCESS MEDIA TECHLLC
Yes I would like to subscribe to Insights Care Magazine.
Global Subscription
1 Year.......... (12 Issues).... $250.00 6 Months ..... (06 Issues) ..... $130.00
3 Months ... (03 Issues) .... $70.00 1 Month ...... (01 Issue) ..... $25.00
Name : Date :
Address : Telephone :
Email :
City : State : Zip : Country :
CORPORATE OFFICE
Insights Success Media Tech LLC
555 Metro Place North, Suite 100,
Dublin, O H 43017,United States
Phone - (614)-602-1754,(302)-319-9947
Email: info@insightscare.com
For Subscription : www.insightscare.com
SUBSCRIBE
TODAY
Never Miss an Issue
17. Company Name Management Brief
24By7Security
24by7security.com
Sanjay Deo
Founder & President
24By7Security, Inc. is a Cybersecurity & Compliance
specialist and advisory firm with extensive hands on
experience helping businesses build a defensive IT
Infrastructure against all cyber security threats.
Barrier1
thebarriergroup.com
James Libersky
CEO
Barrier1 integrates Intelligent Threat
Management with Automated
Threat Management.
BeyondTrust
beyondtrust.com
Kevin Hickey
President & CEO
BeyondTrust delivers the visibility and control needed to
confidently reduce risk and maintain productivity.
Hashed Health
hashedhealth.com
John Bass
CEO & Founder
Hashed Health is a fast growing Technology Company that
leverages blockchain and DLT to solve the most important
problems in healthcare.
Haystack Informatics
haystackinformatics.com
Adrian Talapan
Co-founder & CEO
Haystack Informatics is a behavior analytics company assisting
healthcare providers with the deep understanding of their
employees’ behavior and its ramifications in the areas of
privacy/ insider risk monitoring and operational improvement.
ITSourceTek
itsourcetek.com
Brian Arellanes
CEO & Founder
ITSourceTEK provides strategic business and technology
based cyber security solutions that leverage enterprise
investments and improve efficiency to meet stringent
compliance standards.
Prey software
preyproject.com
Carlos Yaconi
Founder & CEO
Prey is an anti-theft software company that protects and
helps to locate computers, tablets, and phones remotely,
simply, and quickly.
Seceon
seceon.com
ChandraPandey
CEO &Founder
Seceon delivers pioneering cybersecurity solutions that
protect all-sized organizations by immediately flagging,
quarantining, and eliminating any threats before they do any
damage.
SecureNetMD
securenetmd.com
Jack Berberian
Founder & CEO
SecureNetMD is a fast growing HIPAA CompliantManaged
Technology Solutions Provider that helps healthcare leaders
make better decisions around technology.
Sensato
sensato.co
John Gomez
CEO
Sensato is focused on providing leading-edge, realistic
cybersecurity solutions to the healthcare and critical
infrastructure sectors.
18. 24By7Security
AComprehensive Cybersecurity & Compliance
Solutions Provider
“Westriveto leave no
gaps, byusing a 360-
degree approach for
securityand privacy for
ourclients.
Don'tRiskIT,
SecureIT®”
yber security in healthcare is a
growing concern these days,
Csince there has been a steady
rise in hacking and IT security
breaching incidents in the past few
years. Many healthcare organizations
are struggling to defend their network
perimeter and keep cybercriminals at
bay. A company that addresses this
issue head-on is 24By7Security, Inc. It
is a cybersecurity and compliance
company with demonstrated expertise
in helping businesses build a defensive
IT Infrastructure against all
cybersecurity threats.
An award-winning and respected
member of the security community,
24By7Security provides a rich menu of
security and compliance services,
including the flagship Security Risk
Assessment and HIPAA Compliance
Package. It has been in business since
June 2013 and has provided
cybersecurity consulting services to
several organizations. The company's
team members have numerous
certifications and have been actively
involved in IT security projects for
years.
The Leader behind Its Success
The company is the brain child of
Sanjay Deo, who is the President of
24By7Security. In 2013 Sanjay was the
CEO of a Security Operations Center
and Consulting firm. With several
years of information security
experience in multiple industries, he
saw an opportunity in healthcare
security and compliance. That’s when
he founded HIPAA-HITECH-
SOLUTIONS, Inc. with the mission of
providing HIPAA compliance services
in South Florida. As the businessgrew,
more opportunities appeared and its
client segment started expanding. The
company’s team consists of experts in
cybersecurity, healthcare technology,
and consulting. With their help Sanjay
decided to expand the business to
cover all industries. That is when
24By7Security was born and the old
company folded into the umbrella of
24By7Security.
Sanjay has over twenty years of
cybersecurity and compliance
experience. He holds a Master’s degree
in Computer Science from TexasA&M
University, and is a Certified
Information Systems Security
Professional (CISSP) and Healthcare
Information Security and Privacy
Practitioner (HCISPP). He serves on
the Board of the South Florida CIO
Council, and also Co-Chairs the South
Florida CISO Forum. Sanjay is a
frequent speaker on IT Governance,
Compliance and Cybersecurity at
national conferences. He is a member
of the South Florida InfraGardAlliance
and Sector Chief for the Information
Technology track.
Distinct and Holistic Services of the
Company
24By7Security offers cybersecurity
related services in the areas of strategy,
assessments, remediation, and training
for all major industries including
healthcare, education, hospitality,
financial, insurance, government, law
firms, retail, manufacturing and
entertainment. As cybersecurity
concerns continue to rise, businesses
seek professional services to enable
better security and ensure their
confidential data is properly protected.
The company helps its clients manage
their data privacy while getting
compliant with regulations that major
industries like finance, healthcare, and
education are required to uphold.
24By7Security provides a holistic list
of services which includes:
Cybersecurity Services: Security Risk
Assessment, VulnerabilityAssessment,
Virtual or Part-time CISO, Web
Application Testing, Social
Engineering Testing, Physical Security
Testing, Policies and Procedures.
16 | September 2018|
19. Compliance Services: HIPAA/ HITECH, HITRUST,
GLBA, FFIEC, FIPA, SOC – SSAE 18, GDPR,
FERPA, New York Cybersecurity Regulations, SOX,
Dodd Frank Act, PCI DSS, FedRAMP, NIST –
Cybersecurity Framework, and ISO-IEC 27001.
Cyber Incident Management: Incident Response, Cyber
Incident Investigation, Forensics, and Remediation.
Training: HIPAA Training and Cybersecurity
Awareness Training.
The firm’s proprietary Security 2.0 – {Reactive,
Proactive, Counteractive} model allows it to adjust its
methodology to deliver the right type of resolution for
each situation. 24By7Security’s comprehensive
Defense in Depth 2.0 approach allows its clients to
understand the full extent of their vulnerabilities and to
create an end-to-end security strategy.
Achievements of 24By7Security
The company has achieved many milestones throughout
its 5-year journey. Some of them are:
500+ Security and Privacy risk assessments
conducted as of September 2018.
New company website launched in July 2018
Certified as a State of Florida Certified Business
Enterprise–Woman owned and Minority Owned
Business Enterprise (WBE/ MBE) in May 2017
Sanjay Deo, President and Founder of 24By7Security,
appointed as Technology Sector Chief for FBI
Infragard, South Florida chapter
The company launched HIPAA Happenings, an
educational networking session on HIPAACompliance
for healthcare providers and staff in South Florida. The
second session of HIPAA Happenings will be a brand
new, complimentary virtual offering of the mandatory
2018 HIPAA Compliance training for healthcare
providers.
Offering Hassle-free Work Environment
The firm has team members from varying backgrounds
such as healthcare, information technology, compliance,
IT Security, finance, government, and more. Its team
members are at varying levels of seniority ranging from
CIO, CISO, and Technology Director to Security
managers and Security Analysts. 24By7Security’s team
members are highly credentialed in information security
and healthcare. It provides competitive compensation
and benefits recognizing the value of its employees.
The10MOSTTrusted
Healthcare
ITSecurity
SolutionProviders2018
Sanjay Deo
Founder &President
The company’s mission statement includes providing a
positive and productive workplace to its employees. It
encourages a friendly, communicative, and flexible work
environment and plans team events frequently to build
camaraderie. 24By7Security offers several educational
opportunities to team members to attend conferences and
training programs.
The company believes and values its old traits in keeping
up with daily challenges. “Sometimes it’s the good old
traits that come a long way,” asserts Sanjay. It has a five-
pronged approach towards its projects and assessments,
which when working together seamlessly in a project, helps
its clients achieve success. This approach includes people,
process, tools/ technology, in-depth PHI/ PII review, and
communication/ documentation. This is evident in the high
number of repeat contracts and word-of-mouth referrals
24By7Security receives.
Booming Future of 24By7Security
Currently, 24By7Security is growing rapidly in markets
within and outside South Florida, expanding within the
state and also in other states. In the years to come, it
projects itself as a major regional player and advisory
company in cybersecurity and compliance functions. From
a company size point of view, it expects to be at least
double its current size in terms of revenue and team
strength.
| September 2018 | 17
22. Hashed Health
Leveraging Blockchain Technology to Enhance
the Care in Healthcare
“Webuild blockchain
solutions thataddress
long standing
problems inhealthcare”
n a time when almost everything
people knew about blockchain
Irevolved around bitcoin, John
Bass, the CEO and Founder of
Hashed Health, envisioned how the
underlying technology could transform
healthcare. In early 2016, this was a
radical connection. When its potential
clients likely only knew of the
technology because they paid a ransom
using bitcoin, the idea that blockchain
might ultimately save healthcare was
easily dismissed. Nevertheless,
Nashville, Tennessee, a town built on
traditional healthcare, has now
embraced Hashed Health as a star.
Hashed Health is a fast-growing
Technology Company that leverages
blockchain and distributed ledger
technologies (DLT) to solve
healthcare’s most important problems.
The company endeavors to build an
ecosystem of businesses that organize
networks of stakeholders around
blockchain technology solutions which
will, in turn, impact the cost and
quality of healthcare in the U.S. and
globally. Hashed Health believes that
blockchain is the framework that will
underpin the changes to value and
delivery structures, enabling a more
sustainable, patient-centric system.
From the CEO’s Corner
John is a healthcare innovator and an
international speaker seasoned with
two decades of experience in the
healthcare industry. He has spent his
career building businesses that help
organizations realize value through
collaboration in previously siloed
areas. His earlier success stemmed
from solving institutional issues around
transparency, trust, and the alignment
of incentives in a world before
blockchain. Early on, John recognized
that blockchain is purpose-built to
solve these exact issues.
To start Hashed Health, a company
based on a technology in which few
people could see utility, he walked
away from a CEO role at a subsidiary
of the city’s most prominent healthcare
company. “For me, blockchain was the
first thing I’ve seen since the internet
that has the opportunity to change the
conversation around healthcare. All of
these things that the blockchain has
become known for can be applied to
healthcare to solve some of these really
traditional problems that we’ve always
wrestled with,” says John.
An Innovative Organizational
Structure
When Hashed Health was launched as
a product company in 2016, there was
no market for blockchain solutions. It
had to create one.
“Our goal is to be a product company,
but we had to build a market first. That
was the interesting conundrum.
Blockchain is not just about a product;
it’s about a network. In order for a
product to be meaningful, you have to
have a network of participants ready to
use that product and that means
addressing both technical and non-
technical concerns,” John said.
The Hashed Health model has three
distinct, synergistic areas to launch
meaningful products in its unique
space.
Hashed Enterprise helps healthcare
organizations and other companies
understand how blockchain could
affect their businesses, the drivers of
cost and value for blockchain in
healthcare, and use-cases appropriate
for blockchain. Enterprise is the
services arm of Hashed Health. Its
customers include some of the largest
insurance companies, non-profits, IT
20 | September 2018|
23. vendors, and government agencies in the US and
abroad.
Hashed Labs is a team of blockchain healthcare product
managers and engineering talent. They build product
and work on innovative business models and
governance structures. This team specializes in finding
the sweet spot between a technical solution, an
innovative business model, and a governance
mechanism that makes a product come to life.
Hashed Collective is an open community-building
forum for healthcare organizations, consumers,
entrepreneurs, and developers to talk about blockchain
applications for healthcare. Collective includes
meetups, podcasts, webinars, newsletters, online
educational resources, and other innovative community-
building tools to help broaden the community of
blockchain healthcare advocates.
These three areas of the company work in sync to
support market-development activities alongside
Hashed Health's products and partnerships.
More than just a Technology Company
The core team of Hashed Health has their background
in healthcare, enabling the company to stay on the front
lines of Health IT, payment models, and care delivery.
They understand the problems and the obstacles in
healthcare and sees blockchain as a way to fix them.
Blockchain, for Hashed Health, is not a technology in
search of a problem. If a problem can be solved without
blockchain, the Hashed team will be the first to say so.
As a company, it is also platform-agnostic – for each
application and each use-case the team looks at all
available blockchain platforms and tool sets and then
works with the stakeholders to pick the best instance for
the problem at hand. The firm’s values are intertwined
with blockchain’s core characteristics – trust,
collaboration, transparency, and incentive alignment.
The Milestones in Its Journey to Success
The company just celebrated it two-year anniversary.
From local meet-ups to co-hosting the world’s premiere
blockchain-focused healthcare conference, Hashed
Health has successfully led blockchain to its place as
one of the hottest topics in healthcare. Travelling
around the world, the team has presented and keynoted
The10MOSTTrusted
Healthcare
ITSecurity
SolutionProviders2018
John Bass
CEO & Founder
at major healthcare and blockchain events by invitation
from major healthcare players and governments.
To add to its glory, the developers at Hashed Health have
completed and won premiere hackathon events like
ETHWaterloo and Discover Blockchain, to name a few.
Individually, John has been awarded Nashville Technology
Council 2017's Innovator of the Year.
Strong-Willed to Better the Future of Healthcare
Currently, the company is building an ecosystem of
solutions that address previously unsolvable problems.
Hashed Health endeavors to create a portfolio of
complementary and symbiotic applications that will
fundamentally change healthcare delivery. With
frameworks and marketplaces, it wants to allow the
industry, constrained by legacy practices and technologies,
to evolve without blowing up a system so many patients
depend on.
“Starting from scratch is not an option, but the current
system is unsustainable – blockchain is how this generation
can evolve away from today’s healthcare infrastructure that
is collapsing under its own weight,” John said.
| September 2018 | 21
25. Mobile health or mhealth is a general term coined for the use of mobile or wireless technology in the
healthcare systems. It is a part of ehealth healthcare practice. The most common application of the
ehealth is to educate the consumers about the preventive health care services. It is also used in disease
surveillance, treatment support, epidemic outbreak tracking, and chronic disease management. mhealth is popular
due to the areas that are accompanied by a large population and the widespread mobile phone usage. Within the
digital health, mhealth encompasses all the application of multimedia and telecommunication ensuring accurate
delivery of the healthcare and health information.
Some of the practical examples of mhealth are the voice communication and mobile messaging for the provider to
improve the health behavior. Mobile technologies are helping the healthcare sector in improving training and service
quality of healthcare workers, reducing the cost of service along with reducing the redundancy and duplication of the
collected information.
Motivation
One of the main aspects of the mhealth is to push the limits of the healthcare sector and quickly acquire, transport,
store, secure, and process the raw processed data into useful and meaningful results. mhealth offervarious abilities to
the remote individuals so that they can participate in the healthcare value matrix, which was not possible in the past.
In many such cases, these participants can provide their valuable contribution in gathering data or
create awareness of the disease in public health like outdoor pollution, violence, or drugs.
Motivation arises in mhealth due to the following two factors:
The first factor is the rise of the constraints faced by the healthcare system of
developing nations. These constraints include the population growth, limited
financial resources, the burden of disease prevalence, and a large number of
the rural inhabitant.
The second factor is the rise in mobile phones in the world and its large
population. The greater access to the mobile phones in all segments of the
country helps in saving information and transitional costs for the proper
healthcare delivery.
Health Outcomes
The integration of the technology with the health sector has promoted the
betterment of the health, its lifestyle, and has improved the decision-making
ability of healthcare professionals. Overall improvement is seen in the areas like
health information and the instant connection between patients and health professionals,
which was not possible before. Following that, there is an increased usage of technology that has
reduced the health costs and has improved the efficiency of the healthcare systems. The growth of health-related
applications has further boosted the growth of the mhealth.
A potential implementation is the direct voice communication for the poor literates and local-language versed
people. The phones equipped with the local language aid in information transfer capabilities that were not available
before. With the help of the mobile technology, the support for the existing workflow within the mhealth sector and
the general public has increased.
Pocket Wellness
| September 2018 | 23
26. The Advantages
mhealth provides various versatile advantages across all the
areas of the healthcare industry. It not only helps the
disease-affected citizens but also helps in monitoring
potential patients that are at risk. Furthermore, it has
incredible potential in the biometric hardware and real-time
analytics.
Majority of doctors believe that the applications developed
in the name of health are actually beneficial. Aroundninety-
three percent of doctors suggest that the mobile healthcare
applications help in improving the overall health.
Some of the most common advantages of mhealth devices
are:
Medication reminder- Using a reminder, the public can set
timers for their medications, exercise, and many more such
activities.
Fitness trackers- People can monitor their fitness and
burned calories.
Calories counter- People can monitor how much calories
they are taking-in and can control it.
Mobile emergency health communication- Citizens can
contact their loved ones in any kind of emergencies. If the
device has autonomous capabilities, it can automatically
contact the concerned authorities.
Heart and Vital monitoring- Application rendered with the
vital monitoring abilities can be very useful. Citizens can
use these while exercising or in the case of emergency for
example, patients’ vitals’ can be monitored in an
ambulance.
As mhealth is becoming widely known, healthcare
providers are embracing the mobile communications, thus
improving the relationships with the patients.
Constraints
Major hurdles in the mhealth are the guidelines regarding
the privacy and security of the health data collection on
mobile technologies and identifying new opportunities to
enhance the delivery of mhealth services. According tothe
surveys, resistance is seen from staff and physicians due to
the change. They are unwilling to learn new skills ornew
technology. They also believe that it impedes their
workflow.
In terms of workflow, the structure of evaluation presents a
major challenge for the healthcare sector. There should be
resolute standards for the evaluation. With the constant
change of technology, infrastructure, and innovative
research methods, there is a specific need to evaluate the
process and consequences of the action taken in the mhealth
process implementation. Consequently, a balance is
required to be maintained in the mhealth applications and
its execution. Healthcare providers must also take care of
the data overloading. As the data is collected in the real-
time and recorded, there must be a proper assessment of the
collected data where non-important data is filtered out.
Industry Trends
Being the fastest growing trend, the mobile platform is used
by more than five billion people in the world. With the
increase of smartphones and wireless network technologies,
the digital healthcare systems have new possibilities
alongside new challenges to provide high quality,
efficiency, accessibility, and lower cost to the healthcare
services. Various reports suggest that the consumers are
expecting mhealth to change the overall healthcare
experience with the way the digital information is obtained.
The impact of mHealth is seen in the relationship and
overall communication between a patient and the physician.
Studies have shown that the health monitoring devices and
cellular connectivity has reached more than seven million
people. The combined market of the mobile health
applications, health, and wireless apps, is expected to grow
at a significant amount. In some countries, there are apps
that are monitoring the patient's asthma right from their
mobile phones. It is done using the microphone of the
phone just like a spirometer. Other countries are using a
wireless shoe insole, used to monitor the blood pressure in
the heel. This digital shoe alerts the diabetic patients, when
there is too much weight on feet, which can help in the
elimination of foot ulcers.
mhealth has enormous potential and is growing rapidly
along with changing technology. Various international
organization and global experts are researching
continuously to foster the best use of current promising
technology to improve the global health.
24 | September 2018|
27.
28. Haystack Informatics
Leveraging Behavioral Analysis to Secure
Health Systems againstInfringements
“Wehelp
safeguard
andoptimize
healthcare”
nformation Security in healthcare
is a major issue as the nature of
Ithe data in this industry is very
sensitive. As a recent Verizon report
concluded1
, 58% of security incidents
are caused by insiders. In fact, the
authors of the report found the
healthcare industry as the only industry
in which internal actors are the biggest
threat to the organization. These
incidents include unintentional errors
and malicious actions, as well as the
abuse of access privileges. They
involve the loss of unencrypted
devices, snooping on patients’
information, hacking, and malware
attacks. Inside threats are hard to
identify and harder to control. With the
assistance of a trusted security partner,
this task can be made effective and
easy. Haystack Informatics, Inc., a
behavior analytics company, is one
such firm that helps the healthcare
providers to protect their data and
operations from various threats.
The company was born at The
Children’s Hospital of Philadelphia
(CHOP) as a next-generation platform
to advance patient privacy monitoring.
Since then, it has grown its offering to
capitalize on its deep understanding of
employee behavior in regards to the
use of Electronic Health Records
(EHRs), and the ramifications of this
behavior in the areas of operational
efficiency, time-driven activity-based-costing
(TD-ABC), and performance
improvement.
About the Company
Haystack Informatics is a privately
held company, headquartered in
Philadelphia, PA. It is driven by the
mission to safeguard and optimize
healthcare. Rooted in the values of
Integrity, Passion, and Ownership,
Haystack’s vision is to be the partner
of which healthcare institutions think
about first whenever they need to
protect against insider threat or turn
their operational data into actionable
insight.
From the CEO’s Desk
The Co-founder & CEO of Haystack
Informatics, Adrian Talapan, is a tech
entrepreneur. Previous to the
establishment of Haystack, he
co-founded HouseFix, a marketplace
for homeowners and home
improvement contractors (TechCrunch
Disrupt finalist), and Clarix, a clinical
trials logistics and management
platform for the pharmaceutical
research and development industry.
Talking about the industry and the
company, he asserts, “Healthcare is a
complicated business, which only got
more complicated with the introduction
of massive Electronic Health Record
systems. Running on thin margins,
healthcare professionals are currently
in the delicate position to deliver the
best care they can, while operating in
an increasingly information-rich
environment that puts significant strain
on their capacity to do so. We believe
safeguarding and optimizing
healthcare are essential initiatives for
the next 3-5 years, which is why we set
offto help health leaders on this path.”
Tech-Powered Services
Haystack currently offers two services,both
delivered as Software-as-a- Service
(SaaS): Haystack Monitoring and
Haystack Intelligence.
Haystack Monitoring: This is a next-
generation insider threat monitoring
platform, which uses behavioral
26 | September 2018|
29. science to assist healthcare professionals with the
detection, investigation, and reporting of patient privacy
violations, as well as with drug misdirection and other
employee behavior deviations. It focuses on
understanding employee behavior and patient
interactions in the context of delivering care. Combined
with intuitive visualizations and end-to-end reporting
functionality, this solution allows privacy experts to
focus on the most critical threats.
Haystack Intelligence: It offers healthcare leaders the
ability to understand the operational performance of
their domain. This solution delivers an objective
diagnosis and determination of the root causes of
operational efficiencies and inefficiencies as they arise
in the areas of EHR Workflow Optimization,
Operational Improvements, Service Cost Management,
and Patient Experience. “I make performance
improvement a breeze. I reveal exactly where you
should implement the smallest change to get the biggest
benefit at the lowest cost. Objectively track the ROI of
your improvement changes today.”- Haystack
Intelligence
Distinguishing Characteristics
The company encourages employee diversity and
empowerment. It believes that different points of views
and personal initiative generally lead to stronger
outcomes and this makes the work environment more
exciting. Haystack is a customer centric organization
and its special relationship with CHOP keeps it abreast
of the latest challenges and opportunities in healthcare.
In turn, these allow it to remain best aligned with
industry needs. Haystack works alongside its customers
in four steps: Ingest: simple data retrieval from EHR;
Identify: exploring the data to find snooping risks and
best practices and opportunities; Improve: make
changes to improve the provider behavior; and
Measure: quantify and monitor the impact of any
changes. There are several data sources that track the
on-going processes within the health system and each
of it creates a unique viewpoint into what is happening.
Haystack Monitoring is analyzing the entire universe of
risk and Haystack Intelligence combines them all to
provide insight about performance bottlenecks and
opportunities.
Certainty about a Bright Future
Haystack is aware that the healthcare industry will continue
to experience significant challenges in the years to come. It
foresees that a data-based approach, inspired from lean
manufacturing techniques, can help healthcare leaders adapt
to changing circumstances. The company believes it iswell-
positioned to assist health systems navigate through these
upcoming challenges, given its focus on safeguarding and
optimizing healthcare.
1
https://www.verizon.com/about/news/new-report-puts-
healthcare-cybersecurity-back-under-microscope
“Haystack Monitoring,showingan anomalousaccess (red
link)and thecontextaround it"
“Haystack Intelligence,showinghowan encounter typeis
performedacross varioussites,
with associatedcostdifferences”
The10MOSTTrusted
Healthcare
ITSecurity
SolutionProviders2018
| September 2018 | 27
31. Dr. Steven Pelech is the Founder, President, and Chief Scientific Officer of Kinexus
Bioinformatics Corporation, and concurrently a full professor in the Department of
Medicine at the University of British Columbia. He was formerly the founder and
president of Kinetek Pharmaceuticals. He has authored more than 230scientific papers
and created the SigNET on-line Knowledge-bank. Seasoned with over twenty-five years
of experience in the areas of science, business, and administration, he has contributed
leadership, vision, and strategic planning to Kinexus.
he costs of sequencing the order of nucleotide bases in the DNA strands found in chromosomes have
plummeted by a million-fold over the last 25 years. The entire sequence of 2.9 billionnucleotide
Tbase-pairs in a single human genome can now be determined for less than $1000. Complete genomes
of hundreds of thousands of people are expected to be sequenced over the next decade.
While the acquisition of such genomic knowledge was originally forecasted to herald better diagnostics and
therapeutic treatments, the actual deliverables for improved health care have been disappointing. Excluding
cancer, it has become apparent that only about 10% of the cases of the most common diseases that afflict our
population have a genetic basis that can be ascribed to hereditary mutations in the DNA sequences ofspecific
genes.
Over 100 million single nucleotide variants appear to exist in the human population, and perfectly healthy
people appear to commonly harbour about 100 or so serious disease-associated mutations without any
apparent manifestations of these particular diseases. Studies, with over 50,000 genetically identical twins,
have shown no increased risks for the 24 most common diseases amongst the twins than for a twin with the
general population.
About the Author
| September 2018 | 29
Biomarkers
32. Over 95% of the known 21,300 genes carried in the human genome serve as the blue-prints for the construction of all of
the cellular proteins, known as the proteome. These proteins function like molecular robots to regulate and carry out all
of the biochemical reactions needed to keep cells alive. Their programming for specific tasks is partly hardwired into the
structures of these proteins as dictated by their gene sequences. But, they are also tightly controlled by reversible
modifications after they are initially manufactured, which are added on by regulatory proteins that operate within cellular
intelligence systems.
While gene sequences can provide some clues as to the potential functions and interactions of proteins with each other
and other molecules, this information is extremely limited. Even now, we do not have a real sense of what over a third of
these diverse proteins do, and less than 20% of these proteins have received any real serious attention in research labs.
The disconnect between genetic information and the actual occurrence of disease is due to the high impact of
environmental factors such as diet, life style and exposure to agents in the environment that can affect the proteome.
Proteomes are immensely complex and dynamic. For example, blood plasma may contain as many as 40,000 different
protein products, and their individual concentrations can range over a trillion-fold. Consequently, tracking proteins offers
much better insights into the occurrence of diseases than genetic profiling, and importantly the opportunity for more
rational therapeutic intervention.
While about 21,300 genes encode proteins in the human genome, the actual number of distinct protein entities in the
proteome may actually exceed several million, largely due to the range and degree of added modifications and other
processing. More than 50 types of modifications have been documented in proteins, with phosphorylation as the
predominant reversible regulatory mechanism. Over 85% of the proteome is known to be phosphorylatable at over
250,000 sites, but the actual number of phosphosites appears to be closer to a million. The occurrence of these and other
modifications in proteins represent a rich source of biomarkers that may correlate better with the development of
pathologies.
Most sites of known protein modification were originally revealed by mass spectrometry (MS). However, apart from
being very expensive, MS requires milligram amount of biological sample material and is finicky for reliable detection
of desired target proteins. For example, out of some 3000 phosphosites in proteins that have been well documented to be
functionally important in the scientific literature, about 22% have not been reported in any MS studies, whereas another
16% were documented in only one of thousands of MS analyses that had been performed.
Antibodies have been well proven to be reliable and effective probes for the detection and quantification of specific
proteins for their present and modification states. Over a million different antibodies against diverse proteins are
presently commercially available. Furthermore, the printing of antibodies as individual microdots on microscope slide-
sized chips with densities exceeding 5000 spots per chip has paved the way for biomarker discovery that is easily
translatable into the development of routine diagnostic tests. Biomarker antibodies can readily be re-deployed into other
tried and true platforms such as immunoblotting, ELISA, and immunohistochemistry.
Problems with sample preparation, high background issues, and low sensitivity of detection initially hampered the wide-
spread adoption of antibody microarrays. However, recent breakthroughs on all of these fronts have poised antibody
microarrays to become the most versatile, reproducible, and cost-effective tools in the foreseeable future for biomarker
discovery, using as little as 25 microgram amounts of protein samples from crude, unfractionated lysates from cells,
tissues, and bio fluids. High content antibody microarrays can identify the most appropriate and robust panel of
biomarkers. When used to probe lysate microarrays printed instead with hundreds of patient specimen samples on each
slide, these biomarker antibodies can provide accurate, comprehensive and economical diagnoses for diseases and for
the monitoring of the effectiveness of therapeutic treatments.
30 | September 2018|
33.
34. Prey
Devouring Cyber Theft with Modernism
&Amendment
“Oursolutionpromises no
theft,no dataleaks, only
organizedand secured
mobilefleets”
The development of technology
is leading to more and more
devices to be connected to the
internet; data is becoming the new oil
for both the developed and developing
nations. However, this has given rise to
the threat of data breach, loss, and
misuse, which have become an
alarming issue in today’s scenario.
This is especially true for medical data,
which is increasingly stored on mobile
and connected devices, becoming
vulnerable to theft or misplacement.
Even with the industry in constant
development, IT security inhealthcare
suffers from outdated regulations that
set security standards far below the
threat line.
To counter this issue emerged a
company, Prey Software. It specializes
in providing a software platform that
secures and manages mobile devices
like laptops, phones, and tablets
against theft, loss, and data
misplacement.
Prey wants its users to have all the
necessary tools to stop fearing theft,
and to prevent the chance of devices
getting lost or stolen in the first place.
The company wants to turn that
problem into an opportunity for
organizations and users to stand up
against theft or loss of critical devices
and regain control over their data.
‘Prey’ing Tactics
It integrates all devices independently
and irrespective of their operating
system, and centralizes them under an
online panel that serves as a remote
control room. From there, the
administrator can operate Prey’s
functionality, triggered by Prey’s
installed agent to monitor a mobile
device fleet’s position, organize into
labeled groups, and passively monitor
devices utilizing its Control Zones
geofencing tool to detect movement, if
the devices leave a designated area
such as a hospital lab, building, or
campus.
In case of theft or loss of a device, the
administrator will be ready to react to
the event and secure the data located
on a lost device remotely, locking it
down and eventually retrieving it. As
for the asset itself, Prey’s tracking, or
‘MISSING mode’ will generate reports
with pictures, location, nearby Wi-Fi
networks, hardware changes, and a
wealth of actionable data that
empowers police to take immediate
action to retrieve the mobile device.
Overpowering the CyberSecurity
Space
Prey provides a thorough solution with
a steadfast focus upon anti-theft and
data loss prevention. Health and
educational organizations interact with
extremely sensitive data regularly and
require a solution that, aside from
general management, ensures that there
is a barrier against all the worst cases.
This is why Prey focuses on protecting
the data, locking it, or eliminating it if
necessary.
The company makes it easy to retrieve
a misplaced device, or stolen devices.
It initiates proper device recovery and
identification of the perpetrator through
comprehensive evidence reports.
The organization’s initial success has
created a strong base of trust. Prey
Software, being a part of an industry
that deals with extremely sensitive
issues, focuses on transparency and
open development that has proven to
give its users the peace of mind they
need.
32 | September 2018|
35. A Leader with a Revolutionary Thought Process
Prey was born in 2009 when Carlos Yaconi, who is the
current CEO of the organization, joined forces with
Tomás Pollak, the initial founder of the Linux
application. Together they created the first global
tracking and anti-theft application for mobile devices.
Prey Anti-theft, the brain child of Carlos, grew from an
initial single-platform solution into today’s
comprehensive multi-O/S and multi-device tool; which
aids businesses and consumers to protect nearly all
devices, regardless of the operating system or device
manufacturer. It is a one-stop solution, which secures
and manages all of a company’s various mobile
devices.
The key to this continued expansion of Prey is the by-
product of the flexible environment Carlos created
within the company, welcoming methodology changes,
according to the team’s needs or the evolving needs of
customer organizations. This open approach came from
Carlos’ past experience as an entrepreneur leading two
software and service provider companies named Nectia
and Bizware that are still active today, as well as his
background as a Computer Science and Information
Technology graduate.
Notable Milestones Achieved by Prey
Carlos is a firm believer in the power of open-source
community and solutions, and in 2012, this led Prey to
become part of the global Endeavor program, an
initiative that connects entrepreneurs all around the
world to promote and generate change. By offering an
exceptional service and protection against theft, Prey
has been granted the Presidential Award for Innovation
in Chile and it is the first public anti-theft solution
available for mobile devices worldwide. The company
has led to the development of an entire industry with
the basic goal to provide anti-theft solutions, which
gave a thrust to various similar platforms like ‘Findmy
iPhone’ by Apple. Today, Prey is protecting more than
8 million devices!
Maintaining a Healthy Office Environment Carlos
asserts, “Office culture plays a huge role in the
company”. Prey believes in open spaces and
comfortable environments, with flexible positions,
games, and isolated spots for anyone in the company to
The10MOSTTrusted
Healthcare
ITSecurity
SolutionProviders2018
Carlos Yaconi
Founder &CEO
work. “We’re a small group of people so we must ensure all
relationships develop smoothly, tackling any issues up front
with open discussions”, adds Carlos.
Prey has applied a unique horizontal methodology to the
company’s business approach. In a nutshell, Prey
employees bring their talents to participate as a whole,
independently of the area or position they work in.
Speaking of the dynamic workspace, Carlos says, “Projects
and ideas are approached in collaboration, welcoming new
ideas and encouraging feedback from every employee, no
matter what their defined role is.”
A Strong Leap into the Future
The company is continuously looking to tackle new security
opportunities, from the development of improved anti-theft
and multi-device management capabilities, to reaching new
frontiers that suffer from the same problems and security
challenges. Prey Software works hard to stay up-to-date
with its user’s requirements and help them with more
thorough solutions that add additional barriers to block
threats, such as the development of remote encryption.
The following years will see Prey expanding to help secure
new formats from theft and to simplify the management &
control of devices and data in an increasingly mobile
world.
| September 2018 | 33
37. ersonal Health Records (PHR)
Psecurity is the new ladder that
many security technologies are
trying to climb. One of the reasons that
healthcare providers are working
towards this is that they are willing to
secure their and patients’ data. The
other reason is that is a requirement
imposed by the legislations such as
HIPAA, HITECH, etc. which are to be
obliged to, to avoid penalties.
Tokenization and encryption are two of
the technologies used to safeguard
information. Both of these are critical
to an organization to avoid breaches.
Even then the dilemma of encryption
versus tokenization does exist.
In simple words, encryption is masking
of critical information. At one end, the
data is encrypted, like a code, and then
sent over to the other end. Only the
user at this end has the key to decrypt
the already encrypted data, and no
other party can decode it. This key can
be given to more than one end user to
facilitate broadcast of information to
authorized group of people. This
process helps in avoiding interference
of any third party and reduces the risk
of data theft or unwanted data
modification.
In tokenization, the data is protected
using tokens. Small chunks of data are
assigned particular tokens, which point
to the location where this data is
stored. Giving the tokens to selective
users allow them to access data with
ease and security. Once intercepted,
these tokens are rendered useless and
cannot help in accessing the real
information. The benefit of tokens over
encryption keys is that the tokens are
easy to handle, they are one time
generated codes and hence, do not
compromise real data.
Forms of Encryption
The mathematically encoded data
using encryption is called ‘Cipher’ and
the key used to decode the cipher is
Data Cryptology
| September 2018 | 35
38. called as ‘secret key’ There are two types of encryption
keys: symmetrical and asymmetrical. In symmetrical
process, same key is used to lock and unlock the data, while
in asymmetrical these two keys are different. This helps to
reduce the radius of data vulnerability. Additionally, key
rotation can be used. Regular key rotation limits the amount
of data that can be encrypted using a single key. Therefore,
in case of interception, only a small amount of data is
vulnerable.
Vault-based andVault-less
Tokenization
In the process of tokenization,
all the tokens are stored in a
token vault alongside data and
in the same size at data,
eliminating to need to modify
the storage space. Referencing
the token vault is the only way
to access data. The vault-based
tokenization needs expensive
synchronization methodologies
as well as it is too complex to
store large amount of data.
Recently, vault-less tokenization
was developed to tackle the
challenges in vault-based one.
In this, the sensitive data is replaced with a fake data that
looks exactly alike. It provides high security while
maintaining the usability of data.
The Dilemma
Although both, encryption and tokenization are forms of
cryptography, they are very different and not
interchangeable. Each of them has its own set of benefits as
well as disadvantages. There remains a conflict between
which of them is best, the solution to which depends on the
organization’s requirements.
Edward Snowden, an American computer professional,
said, “Encryption works. Properly implemented strong
crypto systems are one of the few things that you can rely
on”. Encryption, today, is commonly used by millions of
people to encrypt the data on their phones and computers to
remain secure in case of accidental loss of sensitive data.
Also, it is used by government and corporates to thwart
sensitive data, surveillance, and so on, as it is possible to
encrypt and decrypt large amount of data with just one key.
Although it brings in many effective solutions, it also has
few drawbacks. Encryption breaks application
functionality; there is always a trade-off between the
strength of encryption and application functionality.
Moreover, if the key is compromised, the thief or hacker
can unlock all the data the key was used to protect.
In tokenization, these intricacies are eliminated. As the
token is a random code and not actually data in the
encrypted form, when and if compromised, no data is
breached. Also, as tokens only map the actual data, the
problem of application functionality is solved. But, with
tokenization, the user’s database increases in size as it has
to store the tokens separately. This makes it harder to scale
and maintain the database. Exchange of data is also difficultas
the exact token is needed to unlock it.
The Ever-Growing Need
With the digital revolution, the
landscape of business world has
turned upside down. It has created
entirely new industries and
enterprises. But, it has made the
organizations vulnerable to
various destructive and new
threats. Some of the industries,
including healthcare, rely on large
amount of data that is sensitive in
nature. As the volume of this data
grows, so does the risk of cyber-
attacks. Cyber criminals trade in
personal and sensitive
information; it is literally the
currency for them. The stolen or
hacked data is further sold to various buyers who sell it
further for even more money. To safeguard against these
threats, businesses and individuals should take immediate
steps in this direction and comply to several regulations like
HIPAA, GDPR, etc.
Use Cases of the Two
Tokenization is commonly used to protect payment card
data. It is also used to safeguard other types of data,
sensitive in nature, like telephone numbers, account
numbers, email addresses, security numbers, and the data
needed in back-end systems. Encryption, on the other hand,
is better suited for unstructured data including long text
paragraphs or complete documents. It is also ideal for
exchange of data with the third party, helping to validate its
identity online. Both these technologies are being widely
used now-a-days to protect the data stored in applications or
cloud services.
The question that remains is- which one of them is better?
But the ideal solution depends upon the circumstance under
which it is used. Although tokenization is often seen to
more efficient, as there is no link between the original data
and the tokens, encryption can be considered the best
choice in case of unstructured data. Organizations can
leverage the benefits of either encryption or tokenization, or
even both, according to the difficulty at hand.
36 | September 2018|
39.
40. SeceonDelivering Cutting-Edge IT Security for
Healthcare’s Digitally TransformingWorld
“Wemake iteasyfor
healthcareorganizations to
protect theirdata and their
business from all known
and unknown cyberthreats.”
nnovations in mobility, IoT,
wearables, and cloud computing
Ihave empowered healthcare
systems to improve healthcare
management and enhance patient-
provider relationships. While the
healthcare industry has embraced these
benefits, increased connectivity is also
putting health systems at much greater
risk of malware and other cyber threats
that, if successful, could have
devastating consequences on patient
care, privacy and healthcare
organization management.
Massachusetts-based Seceon delivers
cutting-edge IT security solutions toits
clients to protect against these risks by
immediately detecting, quarantining,
and eliminating any threats before they
do any damage.
This trailblazing IT security company
is distinguished for offering the first
fully automated, comprehensive cyber
security platform that helps
organizations to safeguard their
valuable information and people.
Seceon’s mission is to empower SOC
and IT teams of all-size organizations
to easily and affordably detect and
mitigate threats, as soon as they are
uncovered.
Since its inception, Seceon has
successfully served over 300 clients,
won more than 50 awards, and built a
robust network of 50+ distributors and
reseller partners globally. The company
launched its Open Threat Management
(OTM) Platform in April 2016 and has
been releasing major updates every
quarter with enhancements in machine
learning, dynamic threat models, multi-
tenancy, and scaling. Seceon’s
innovations have continued in 2018
when the company introduced
aiSIEM™ and aiMSSP™ to transform
the landscape of IT security in
healthcare.
Seceon’s Solutions ProvideMuch-
Needed IT Security Assurance
Over the years, Seceon has crafted a
niche in the market as an adept security
solution provider that deeply
understands the nuances of cyber
threats encountered by small-to-
medium sized businesses (SMBs) and
enterprises. To achieve the goal of
“Cyber-security Done Right,” the
company engineered its
groundbreaking OTM Platform from
scratch.
OTM works out-of-the-box to instantly
protect against known and unknown
threats. It provides comprehensive
visibility, proactive threat detection,
and automated containment and
elimination of threats in real-time, all
while minimizing costs, staff
bandwidth constraints, and
performance impact. OTM helps
enterprises automatically generate
prioritized threat alerts that matter in
real-time and empowers SOC / IT
teams to detect and respond to the
threats quickly, before critical data gets
exfiltrated.
Seceon’s aiSIEM and aiMSSP
solutions are built on the OTM
Platform:
Seceon aiSIEM goes beyond traditional
SIEM and eliminates the need for
adding multiple silo solutions. It
ingests raw streaming data from
applications, identity systems, flows,
and raw traffic from networks to
provide comprehensive visibility,
proactive threat detection, automated
threat containment and elimination,
and continuous compliance, policy
management, & reporting.
Seceon aiMSSP enables Managed
Security Service Providers (MSSPs) to
38 | September 2018|
41. offeroutsourced security services to SMBs, including
24x7 security monitoring, threat intelligence, and real-
time detection and remediation, at nominal and
predictable linear costs.
The Secret behind Seceon’s Success
Seceon’s OTM platform is growing in popularity across
all business verticals due to its unique ability to ensure
proactive detection, containment, and elimination for all
threat categories. Key differentiated benefits of
Seceon’s OTM platform include:
• Comprehensive Visibility
The OTM Platform ingests all raw streaming data
(Logs, Packets, Flows, and Identities) and provides
real-time extensive view of all assets (users, hosts,
servers, applications, data access, and movement
traffic) that are on premise, cloud, or hybrid, and their
interactions.
• Reduce Mean-Time-To-Identify (MTTI) with
Proactive Threat Detection
The platform proactively detects threats and surfaces
threats in real-time without an agent or alert fatigue.
• Reduce Mean-Time-To-Resolve (MTTR) with
Automatic Threat Remediation
The OTM Platform performs automatic threat
containment and elimination in real-time. It also
provides clear actionable steps to eliminate the
threats that can either be handled automatically by
the system or manually by the security expert post-
analysis.
• Continuous Compliance, Policy Management and
Risk Monitoring
The platform provides continuous compliance and
scheduled or on-demand reporting. This includes,
HIPAA, PCI-DSS, NIST, GDPR, SOX, FINRA, etc.
Innovation Starts at the Top
An ideal 21st
century IT security leader is one who
envisions the upcoming threat landscapes and prepares
foolproof solutions for it in advance, not only to drive
the success of his business, but to benefit the industry at
large. Chandra Pandey is a leader who fits this mold.
As Founder and CEO of Seceon, he has guided his
organization in pioneering solutions for critical cyber
threats. He orchestrates the company’s business and
technical strategy, and fosters innovation by
The10MOSTTrusted
Healthcare
ITSecurity
SolutionProviders2018
Chandra Pandey
CEO & Founder
empowering all company members with decision-making
abilities, encouraging open and respectful communications,
and building a culture of continuous improvement.
Chandra is the driving force behind Seceon’s commitment
to creating affordable cybersecurity solutions for
organizations of all sizes. An engineer by trade, Chandra
applies the deep leadership, technical, and business strategy
expertise gained during previous positions at Nokia, Ciena,
Juniper Networks, and BTI, to Seceon’s groundbreaking IT
security business.
The RoadAhead
Seceon’s expertise in crafting leading-edge solutions for
rising cyber security challenges, out-of-the-box thinking,
and passion for ensuring “Cybersecurity Done Right,” has
made it a dominant IT security provider.
During the next few years, Seceon will continue to be laser-
focused on adding innovations to its aiSIEM and aiMSSP
“Comprehensive Cyber-security for the Digital-Era”
solutions. “Seceon is designed from the ground up to
automatically detect, contain, and eliminate critical
cyberthreats faced by the healthcare industry in real-time,
including data breaches related to PHI and IP ransomware,
malware on medical devices, credentials/insider threats,
and compliance with regulations like HIPPA, PCI-DSS and
NIST,” concluded Chandra Pandey.
| September 2018 | 39
42. STRATEGIES
ver the past few years, the magnitude of threat against
FORHEALTHCARE
ORGANIZATIONSTOCOMBAT
CYBERCRIME
Ohealthcare organizations is growing exponentially. Currently,
the healthcare industry is striving hard to target the cyber
breaches. The Chief Information Security Officers (CISOs) are
becoming smarter and sophisticated to outmaneuver the
cybercriminals. The healthcare organizations are acutely focusing on
their IT functions and effectively correlating information to mitigate
the risks of cybercrime. They are consolidating this information from
the various vulnerability scanners to effectively manage and aid their
business context. Various foremost healthcare organizations are
adopting cutting-edge cyber security approach, where the senior
board arrays the tenor for the organizational operations to
successfully respond to the cyber risks.
Categorizing the Assets
There is a major necessity for the healthcare organizations to
understand the cyber security risks for smooth management of their
business context. They need to establish a specific data security team
to classify data assets in association with their business significance.
Managing the patient records and keeping in mind the susceptibilities
existing in a client's desktop would be far less than those present on
an acute database server is very imperative. The healthcare
organizations should prioritize the most critical assets which can lead
to effective threat mitigation efforts backing the cyber security. The
traditional and upcoming healthcare organizations need to
conceptualize and take firm measures safeguarding the patient data
and classifying the assets to certify complete network security.
Staying Updated to the Latest Threats
The developing world is witnessing severe
cyber security threats. This budding cyber
security landscape influences the IT and security
squads to stay updated to the latest threats and
their respective agents. They need to
successfully predict the attack vectors by
educating their staffabout the recent scams and
threats. The healthcare organizations should
provide their employees with the training based
on the security risks in accessing links and
attachments in the email. The healthcare
organizations need to abandon the obsolete
technology and replace it with modernized
technology that is highly resistant to
cybercrime. They need to tremendously engage
with the smart and quick Big Data Analytics to
secure gigantic computerized data and
converting the unstructured SIEM data to a
specific format for making strategic decision to
reduce cybercrime.
Involve Business Acquaintances
The healthcare organizations need to pitch in
with additional resources, to ensure information
security. These organizations need to engage the
various business associates and merchants for
accountable and secured health information
under the Health Insurance Portability and
Accountability Act (HIPAA). The business
associates can face direct civil liability for a
breach of this act. However, it is the
responsibility of the healthcare organization to
confirm that their business associates are
maintaining Protected Health Information
(PHI) effectively. Establishing a strong
persistent program to monitor business
associates gives the health organizations the
threat intelligence they need to guard their
business against duplicitous transactions. The
affiliation of the healthcare organizations with
the business associates will help them to
monitor the new risks, controls, and the
emerging vulnerabilities of the cybercrime.
Implementing AppropriateControls
The healthcare organizations should implement
strict measures to confront and terminate the
Bring-your-own-device (BYOD) programs. They
should focus on the execution of the suitable
40 | September 2018|
43. controls around data segregation and
infrastructure security. Constant
monitoring practices are required to
ensure that the controls are active and
functioning in a desirable manner. The
healthcare organizations should
influence certain security incident
recognition and response programs to
mitigate the cyber security risks.
Additionally, operations regarding
crisis management must be integrated
into the flexible business strategies.
The healthcare organizations need to
implement adaptive technologies to
manage identities and to regulate the
information being accessed. They
should undertake operations to detect
the loopholes and vulnerabilities in the
mobile apps that would surely reduce
and support the high grounds of the
cyber security.
Monitoring Internal Systems & Logs
The healthcare organizations need to
invest in the evolving technologies that
enable them to spontaneously scan and
secure data, log data modification
activities as they arise, and instantly
alert their IT teams about the
fraudulent behavior. These teams must
focus on detecting the loopholes with
the help of an automated bot or a
specific process that intermittently run
through the system, combating the
threats. This will help the organization
to spot the vulnerabilities and save
time, resolving it before enough
damage. Monitoring the logs is a key
component of an organization’s
compliance initiatives. This would help
the healthcare organizations to
properly audit and prepare a report on
the file access which can detect illegal
activity by the users and other major
cyber threats.
The Future Innovations
The increasing complexities of IT
landscape in the healthcare
organizations, the future is critical for
the security teams to choose the exact
processes and tools to defend the
organization from budding breaches.
The healthcare organizations in the
upcoming future are planning to design
robust systems and stronger encryption
algorithms to successfully safeguard
the cybercrime in the healthcare sector.
Soon there will be an introduction to
the new General Data Protection
Regulation (GDPR) to replace the age-
old Data Protection Act, which would
increase the security of the personal
data and also its exploration.
Cybernetics
| September 2018 | 41
44. SecureNetMD
An Innovative Technology Partner
for Healthcare Leaders
“Werenderstrategic
technology solutions
built aroundyour
organization”
yber security is no longer just
a trending practice; it has
Cbecome an absolute necessity.
With paper records moving to
electronic ones, the side-effect of this
revolutionary transition cannot be
ignored. To address the same in
healthcare industry, a remarkable piece
of legislation- The Health Insurance
Portability and Accountability Act
(HIPAA), was coined. Made with the
primary goal to tackle the issue of
insurance coverage for individuals
between jobs, HIPAA helps healthcare
providers to safeguard against
healthcare frauds, ensure the security
of PHI, restrict healthcare information
authorization as well as help in
securely sharing healthcare
information across various platforms.
SecureNetMD is one of the fastest
growing HIPAA Compliant Managed
Technology Solutions Providers that
help healthcare leaders make better
decisions around technology. Founded
in 2009, the company empowers
healthcare providers to expand patient
reach and improve patient care.
SecureNetMD aims to be an innovative
technology company, strategically
focused on partnering in its clients’
success.
The Prodigy Leading SecureNetMD
Jack Berberian is the Founder and
CEO of SecureNetMD. He holds
diverse educational proficiencies- JD,
CPHIMS, CHSP, CHSA, ATC, to name
a few. He is a seasoned entrepreneur
who has worked across multiple
industries and verticals. Jack has also
founded Troy Ventures, LLC, MedTix,
LLC, as well as co-founded
ThinkSecureNet alongside
SecureNetMD. Under this dynamic
leader, SecureNetMD has reached the
height of success that it is at today. “At
SecureNetMD, we’ve invested in
becoming a true technology partner for
our clients. Our award-winning
solutions are backed with first-class
service, providing healthcare providers
the leverage and confidence to get back
to what’s most important—improving
and expanding patient care,” asserts
Jack.
Promising Solutions and Services
Not only does it deliver fully-HIPAA
compliant solutions, SecureNetMD has
invested in developing a trusted
relationship with its clients. It believes
that the needs of healthcare
organizations can vary greatly and
hence, is not interested in a one-size-
fits-all technology. With the largest
needs of maximum healthcare
organizations at its nexus,
SecureNetMD offers solutions in four
core focused areas: Managed Security
Solutions, Managed IT solutions,
Unified Communications, and IT
Infrastructure. These aid in protecting
healthcare organizations and their
patient ePHI through innovative threat
management, endpoint encryption, and
compliance management solutions.
The Managed IT solutions allow
SecureNetMD to empower and
streamline healthcare organizations
with fully managed or co-sourced
24/7/365 service desk. They also allow
healthcare providers of all sizes gain
invaluable access to a full fleet of
42 | September 2018|
45. certified technology experts whenever they need it.
With its Unified Communications solutions, the
company improves the flexibility and dependability of
crystal clear VoIP and intuitive custom call flow
designs. This helps healthcare leaders ensure that their
patients are delivered to their destination quickly and
efficiently. Its cloud-based Unified Communication
(UC) platform empowers practice managers and
healthcare leaders by delivering enhanced call analytics
that can track peak call times, patient hold times,
missed calls, and staffing efficiency through an intuitive
reporting dashboard, 24x7. With its IT Infrastructure,
SecureNetMD improves the infrastructure and
scalability of healthcare providers with the fleet of
certified cabling technicians, project managers, and on-
staff certified RCDD.
Outshining the Confrères
Three areas that really set SecureNetMD apart from
other Managed Service Providers are that it is a fully-
HIPAA compliant solution provider. The company is
rooted in technology and process efficiency and it has
been passing this value to its clients to streamline their
operations. It has spent the last decade developing a
nimble and responsive service model, allowing its
teams to respond quickly to the customer and industry
needs. Moreover, SecureNetMD emphasizes on being a
partner and not just another vendor, for its clients. Its
award-winning solutions with first-class service are
backed with partnerships. The company proudly says,
“We don’t have business relationships, we develop long
term partnerships that are earned over the course of
time.”
An Ambitious Workplace
The company takes great pride in calling themselves a
team, demonstrating true teamwork that rallies
delivering world-class. One of the core values
SecureNetMD is Growth. It focuses on investing in the
growth of its team and each individual team member.
Being in an industry that is ever-changing, it is required
that the team members be agile and eager to improve on
their specialties and expand their skillsets.
SecureNetMD encourages its team to continue growth
by providing incentives, recognition, and career
advancement tracks to help them achieve the best
version of themselves.
The10MOSTTrusted
Healthcare
ITSecurity
SolutionProviders2018
Jack Berberian
Founder &CEO
Recognitions and Accolades
SecureNetMD was recently recognized and featured as one
of the Top 10 MSP for 2018 by a prominent magazine of the
industry. It was also recognized as one the Top 10
Healthcare Companies in Delaware and Fastest Growing
Companies in America by a well-renowned source. A
prestigious source named SecureNetMD as one of the Top
10 VoIP providers. Additionally it has received several
other recognitions throughout the local community as a
leader in Healthcare IT, including Delaware Small Business
Chamber Blue Ribbon Award, 2016 Best of Lewes Award in
the HIPAA Compliant Healthcare IT Provider category, to
name a few.
Future Endeavors
SecureNetMD’s plan for the future is to continue being
recognized as a leader in the industry and a trusted partner
for healthcare providers. As a partner to healthcare
providers, it aims to be foster a strong commitment; so that
healthcare providers can be confident in trusting
SecureNetMD with not only the technology that their staff
and patients interface with, but also in providing innovative
solutions that future-proof their growing organization.
| September 2018 | 43