Insights from 3rd ASCLEPIOS Awareness Workshop, 11 June 2021

Insights from 3rd ASCLEPIOS Awareness Workshop, 11 June 2021

The third ASCLEPIOS Awareness workshop took place on June 11th 2021, as a fully online event. It was part of the awareness workshop series organised by ASCLEPIOS to raise the general awareness on the protection of healthcare information security and privacy.

What was featured?

Figure 1: Screenshots from the Workshop
Figure 1: Screenshots from the Workshop

This time special attention was given to the ASCLEPIOS project and its practical demonstrators, while it also featured some of the talks that enjoyed high popularity in the first two editions of the workshop (e.g. GDPR or Threat Modeling in healthcare). The ASCLEPIOS demonstrator partners from AMC and NSE presented the current status of their implementations as well as the added value for their organisations. UoW introduced ASCLEPIOS with a brief overview of the project’s scope and framework, ICCS zoomed in the design and implementation of the ASCLEPIOS ABAC and ABE mechanisms, while Secura led the GDPR and awareness-oriented talks of the workshop (see the full meeting agenda in the end of the blogpost).

Feedback and lessons learnt

The backgrounds of the 22 workshop attendees were diverse, coming from major medical devices and services development companies, security testing and evaluation companies, the healthcare domain, research and academia.

Their responses to the survey that was distributed at the end of the session, convey several interesting results – both regarding their perception of the ASCLEPIOS technological offerings but also their expectations and preferences from the content and structure of an awareness workshop.

Let’s look at some of the survey results:

  • The main reason for attending the workshop was the general wish to learn more about state-of-the-art security in healthcare
  • Two of the main takeaways noted by attendees, included general knowledge on the ASCLEPIOS architecture, as well as understanding the general privacy requirements linked to medical data
  • The audience appreciated the technical talks, and would like to see more presentations of the same technical level
  • The general opinion about the presented ASCLEPIOS infrastructure and demonstrators is positive, and several people rated the solution as “surely better” than other already existing solutions

What’s next?

While the setting of the second and third online workshops was much different from the first physical workshop, the attendance and interest in the talks indicated a common topic:

Healthcare information security and privacy is a hot topic that needs to be understood and treated in a pro-active manner in order to minimize the risk and it all starts with individual awareness.

Towards this end, we will organise another workshop, that will most probably be held towards the end of 2021.  Stay tuned for the announcement and registration details!


9:30

Virtual room open

10:00

Welcome message and context of the workshop

Relevance and importance of the topic; Overview of the talks throughout the day

Tamas Kiss (UoW)

Razvan Venter (Secura)

10:30

GDPR in healthcare environments

Importance of the regulation, explanation of the concepts and topics and applicability to healthcare data

Christiaan Hillen (Secura)

11:00

Working with medical data – Patient awareness

Threats and risks relevant to the medical data, while being processed. Best practices for secure processing of data.

Christiaan Hillen (Secura)

11:30

 

Threat modelling in healthcare context

Threat modelling on a state of the art medical data processing platform

Christiaan Hillen (Secura)

12:00

 

Working with medical data – Attacker perspective

Attacker perspective on healthcare environments, with a strong focus on social engineering

Christiaan Hillen (Secura)

12:30

Lunch break

13:30

Context-aware access control in healthcare

A view on ABAC and ABE applied to the healthcare domain

Yiannis Verginadis

(Athens Univesity of Economocs and Business & Institute of Communication and Computer Systems)

14:00

ASCLEPIOS in practice – Antibiotics prescriptions

Practical demonstrator designed by NSE

Kassaye Yitbarek Yigzaw    (NSE)

14:30

ASCLEPIOS in practice – Acute Stroke Care

Practical demonstrator designed by Amsterdam UMC

Marcela Tuler (Amsterdam UMC)

15:00

End of workshop

Figure 2 Full Agenda of the 3rd ASCLEPIOS Awareness Workshop