Thank you for joining the Cyberwatching.eu webinar on "Security and Privacy by Design for Healthcare: New solutions from EU H2020 Projects to comply with GDPR, Medical Device Regulation, EU Directive 2016/1148 on essential services and COVID context", focussing on developed solutions that are effective and usable in the healthcare context to reduce the overall ex-ante risk, including threats specific to Covid-like situations.
Webinar slides are available now!
Delivery of health services (clinical and administrative) through ICT and connected medical devices is a necessity for healthcare organizations, and changes the way healthcare services are delivered and data are shared. Therefore, cyberattacks and staff misbehaviour may have significant negative effects on business continuity, patients’ safety and data privacy.
Current levels of privacy protection and security are highly dependent on the intrinsic risk embedded in the existing systems, medical devices and procedures: in a long-term perspective, if the investments in the physiological renewal/upgrade of these assets were inspired by a “privacy and security by design” approach, the overall risk would decrease.
In line with this approach, the European Commission has set up regulatory measures (e.g. GDPR, MDR, EU Directive 2016/1148) and has also, through the Horizon 2020 programme, funded research and innovation projects to develop solutions that are effective and usable in the healthcare context to reduce the overall ex-ante risk. This includes threats specific to Covid-like situations.
Who should attend?
We invite representatives from hospitals, Medical Device manufacturers, ICT systems providers and Digital service providers to attend this webinar.
With representatives from the health, legal and cybersecurity sectors, we'll be hearing about the main challenges facing the medical sector in ensuring secure integration of services that comply with EU regulations. We'll also hear about three cutting-edge security and privacy by design solutions under development thanks to EC funding.
11:00 - 11:10: Welcome note and purpose of the Webinar - Marina Ramirez, AEI Ciberseguridad, Cyberwatching.eu
11:10 - 11:25: Challenges and an overview of the proposed Solutions - Sabina Magalini, Fondazione Policlinico Universitario Gemelli
11:25 - 11:40: The Roadmap to GDPR Compliance in e-Healthcare Services - Paolo Balboni/Anastasia Botsi, ICT Legal Consulting, Cyberwatching.eu
11:40 - 11:55: PAPAYA: PlAtform for PrivAcY preserving data Analytics (Healthcare Use Cases) - Orhan Ermis, EURECOM
11:55 - 12:15: Security and privacy by design for healthcare data governance - Andrés Castillo, Pediatric Hospital Niño Jesús and Haris Mouratidis, University of Brighton, DEFeND
12:15 - 12:30: PANACEA framework of Security-by-Design Principles applicable to Health systems and medical devices development - Martina Bossini Baroggi, RINA
12:30 - 12:40: Roundtable discussion
12:40 - 12:45: Closing remarks
Anastasia Botsi is trained in European law, and holds a Professional University Certificate (ECPC-B DPO) from the European Centre of Privacy and Cybersecurity (ECPC) at Maastricht University. She has also been sponsored by the Dutch Science Foundation to conduct research on the legal issues of managing cyber-security risks and cyber-attacks.
Andrés Castillo is the Head of Technological Innovation at the Pediatric Hospital Niño Jesús in Madrid. He has a Doctorate degree in Software Engineering and degrees in Sociology and Physics. He is also a teacher of Computer Science and Cybersecurity.
Haris Mouratidis is Professor of Software Systems Engineering and founding Director of the Centre for Secure, Intelligent and Usable Systems (CSIUS) at the University of Brighton. He is a Fellow of the Higher Education Academy, and a visiting professor at the University of Stockholm (Sweden) and the University of Ionian (Greece). His research interests lie in the intersection of security, privacy, and software engineering. He has pioneered work in developing methodologies, modelling languages, ontologies, tools and platforms to support the analysis, design, and monitoring of security, privacy, risk and trust for large-scale complex software systems. He has applied his theoretical work to practical applications in domains such as critical infrastructures, cloud computing, health-care, telecommunications, banking, and public-administration. He has published more than 200 papers (h-index 34) and he has led and/or participated in more than 30 projects, currently DEFeND, CYRENE, AI4HEALTHSEC and CyberSANE (all funded by Horizon2020). He is a member of working groups at ERCIM, IFIP, BCS, BSI, an Expert Fellow of the UK EPSRC Digital Economy NetworkPlus SPRITE+ (Security, Privacy, Identity and Trust in Digital Economy) and Vice-Chair of the International Federation of Information Processing (IFIP) WG11.4 on Secure Engineering.
Ms Martina Bossini Baroggi received her Master's Degree in Bioengineering in 2017 from the University of Genoa. She is an analyst and software developer at RINA Consulting as part of the Italy Integrated Security Unit. She is experienced in security-by-design in eHealth applications, risk assessment in the healthcare domain, software design and development, software verification and validation, data preparation and integration, and project coordination. Her profile combines software, cyber security and biomedical aspects acquired both at industrial and R&D level. In addition, she has previous experience in data processing in the field of AI, regarding deep learning and Convolutional Neural Networks.
Orhan Ermis is a postdoctoral researcher in the Digital Security Department at EURECOM. He received his PhD degree from the Department of Computer Engineering at Boğaziçi University in 2017. Previously, he received his BS and MS degrees from Bahçeşehir University, İstanbul in 2005 and 2007, respectively. His current research interests are privacy enhancing technologies, verifiable computing, DDoS detection and security protocols.
Senior Surgeon of the Emergency and Trauma Surgery Unit at the Fondazione Policlinico Universitario Gemelli (FPG) and Assistant Professor of Surgery at the Rome Catholic University School of Medicine (UCSC). She is also an Associate Researcher of the Italian National Council of Research (CNR-IASI); Fellow of the American College of Surgeons, of the American Association for the Surgery of Trauma and of the European Society for Trauma and Emergency Surgery (ESTES).
Her main interests focus on hospital surge plans, medical response to major incidents, emergency and trauma care systems, decision support systems for major emergencies, training guidelines and standards in the framework of EU Programme projects (SICMA, EDEN, PULSE, REACHING OUT, ENCIRCLE, NO-FEAR). She actively participated in all of these as Investigator.
Head Business and ICT Consultant and project manager. Telecommunications Engineering from the University of Malaga, with over 15 years' experience in business and strategic consultancy for public administrations and SMEs. At CITIC, Marina develops strategic plans for innovation and information society, ICT and business advice to SMEs, development of commercial offers, attracting companies for participation in R + D + i projects. Reports, market research, analysis, project management.