Explore the critical distinction between security and compliance in healthcare IT during this 47-minute conference talk from the Central Ohio InfoSec Summit 2016. Delve into common attack vectors, risks associated with shared accounts and kiosk systems, and the potential consequences of unsecured medical environments. Learn about various authentication options, including smart cards and managed PKI providers, and discover essential security measures such as application whitelisting, removable media restrictions, and internet communication controls. Gain insights into emerging trends like VDI (Virtual Desktop Infrastructure) and their impact on healthcare security. Walk away with a deeper understanding of how to balance regulatory compliance with robust security practices in the healthcare sector.