SPE28 – Noontime Session: Can Cyber Criminals Use Medical Devices to Bankrupt Your Practices?

Synopsis: Today:  All of your patients charts compromised, 30 computers infected with ransomware, 3 cameras and OCTs that can’t be restored, and 5,000 angry patients lost to your competitors.
Last Month:  A patient left alone in an exam room plays with a viewing station, a tech surfs the net from the computer driving the OCT, a malcontent takes your external backup drive while you’re busy taking their picture or a host of other seemingly innocuous events. The bill:  $13,000 in ransom, $20,000 in IT consulting fees, $70,000 replacing imaging devices,  3 weeks of lost productivity, $250,000 in legal bills, and $400,000 in HIPAA penalties.

Medical devices are increasingly using computers, embedded inside of them or attached separately, to drive them. Unfortunately, these computers can be exploited by hackers and cybercriminals to ransom your data, expose patient information and infect your other devices, networks and computers. If these devices are not updated and/or protected, not only could you lose your data, you have the potential to lose your software, your operating system, and configurations—rendering your medical device useless as well. Safeguards are available to minimize these risks, but few providers, and even IT professionals, know how vulnerable they are to these hidden threats until it’s too late.

With the help of world class experts, we will look at the pathophysiology of a successful practice as it succumbs to impact of a cyber attack.

Objectives At the end of this course, session attendees will be able to
1.       Identify the vulnerabilities common in ophthalmology practices
2.       Understand how these vulnerabilities can be exploited and the consequences
3.       Explore ways these vulnerabilities can be addressed
4.       Create a checklist to assess the risks in your practice


Senior Instructor

Sidd Chopra

Date and Time

Monday, Nov 13, 2017 12:45 PM – 1:45 PM


Morial Convention Center




Practice Management – Electronic Health Records