January 13, 2017 •
If you’re a healthcare IT (HIT) executive, you’ve undoubtedly been inundated with messages of fear and unease coming from your organization’s board members, employees, and even patients. Why? Because the widespread reports of healthcare data breaches and other cybersecurity failures have placed a spotlight on what can be a life-or-death situation.
Not too long ago there was no such fear. In fact, many organizations treated security and compliance requirements like a “monster under the bed”—an imaginary threat that really didn’t apply in their IT scenarios. They checked the boxes and moved on.
A good dose of “monster spray” works to fend off my little boy’s fear there’s a monster in his room waiting to bite his toes, but there’s no parallel in addressing today’s cybersecurity threat landscape. The regular occurrence of healthcare data breaches and ransomware events has made that imaginary monster very real.
Are you integrating security best practices with your compliance-related activity? If not, you’re likely attempting to fight off real cyber threats with monster spray.
Keeping the bad guys at bay involves the correct weaponry, as well as the people who know how to use it. In other words, you can’t go at it alone.
Gather up your organizational stakeholders and work together to build a security risk management program your entire organization can rely on. Begin by conducting a formal risk assessment, keeping in mind that external resources are an option for ensuring that all your bases are covered.
Want to learn more about what a security risk assessment entails when it comes to healthcare? Check out this helpful blog post from my colleague Kurt Osburn: https://www.controlscan.com/blog/healthcare-security-risk-assessment/.