2020 Agenda



Become A SpeakerRegister


November 18, 2020

08:45 AM

Log In

09:00 AM

Opening Remarks

Brendan Kwolek
Executive Director, Interchange Project & ICT
Halton Healthcare

09:05 AM

Session 1

Attack Response Solutions: How to Prevent Attacks and Build an Effective Cyber Hygiene Culture

BridgeCare Health Network in Colorado receives thousands of attacks over the course of a week but have built robust solutions to prevent the attacks from penetrating their secure systems. With 91% of all ransomware attacks executed through phishing, having a culture that is alert to threats, is an essential component in your front line defence ofcyber-attacks. In this session learn how to:

  • Understand when an attack is taking place and act quickly to prevent a breach
  • Learn how BridgeCare developed a strategy for preventing breaches
  • Provide the leadership support – and training – necessary to create a cyber tunedculture

Michael Archuleta
Chief Information Officer
Information Security Officer
BridgeCare Health Network – Mt. San Rafael Hospital

09:40 AM

Session 2

Hacking Demonstration: Understand How an Attack Occurs and How it Moves Through Your Systems

Most healthcare professionals know about hacks, but very few have seen what one looks like in the moments it’s happening. This demonstration will take you through the various stages of an attack, from the initiation infection to the pathway it takes to shut down systems, machines, restarts, encryption and data collection. This valuable session will arm you with the knowledge you need to understand the way attacks occur, and how you can build your systems to mitigate their effectiveness and defend against them. Some of the examples we will explore include:

  • The attack pathway
  • Shutting down and taking over medical devices, such as MRIs
  • Gaining access to patient records, encrypting them for ransom, or stealing them
  • And many other examples!

Yousif Nakkash
Network Systems Support, Department of Computer Science
Ryerson University

10:15 AM

Session 3

Attack Simulation: How To Respond Hour by Hour

When attacks occur, you must react quickly to maximize your effectiveness. To understand what an effective response looks like, HIROC will show how you should respond in real-time, including:

  • Which steps you should take, and in which order
  • How to initiate the response, and how to mobilize your team
  • How to seal off and protect sensitive data
  • How to report the attack up the chain

Kopiha Nathan
Privacy and Compliance Officer

11:00 AM

Networking Break

11:10 AM

Session 4

Incident Response: Mandatory Reporting Obligations, Best Practicesand Tribunal Processes of the Office of the Information and PrivacyCommissioner of Ontario (IPC)

There remains much confusion over what organizations need to do once they experience an attack. In Ontario, health information custodians must report to the IPC where personal health information is subject to a ransomware or other malware attack. Custodians also have a duty to notify individuals whose privacy has been breached. Understand custodian’s obligations, as we go over:

  • What must be reported, how and when?
  • Guidance on responding to a ransomware attack.
  • What are the IPC’s processes where an attack is reported.

Brendan Gray
Health Law Counsel
Office of the Information & Privacy Commissioner of Ontario

11:40 AM

Session 5

Cyber Attacks and Risk: Understand How To Protect Yourself From Attacks and Class Action

Recent events surrounding various healthcare organizations have highlighted the risks and vulnerabilities that go to the heart of healthcare providers. Health records are extremely valuable, and therefore a target for many hackers. From ransomware, to extortion, and selling information on the dark web, stealing patient records is becoming a  big business. Hear stories from a legal team on the front lines and learn what you can do to protect yourself.

  • What proactive steps can you take before and after a breach to try to dissuade legalaction, or pre-empt a successful claim?
  • How have the courts responded to proposed class actions against health careproviders who have been subjected to data breaches?
  • What kinds of remedies do class members seek, and what have they been successfulin achieving?

Margaret Waddell
Founding Partner & COO
Waddell Phillips Barristers

12:20 PM

Closing Remarks

Brendan Kwolek
Executive Director, Interchange Project & ICT
Halton Healthcare

Ongoing Call for

This is your opportunity to share your knowledge and experience with other health care professionals.

Please email us at info@sparkconferences.com to receive more information.

We look forward to receiving your submissions!

Secure Your Spot Today

Save 10-15% per person on registration when Early Bird rates are available. Space is limited on certain sessions or activities and participation is available on first-come-first-served basis.