Healthcare Cybersecurity Weekly Briefing 01-05-2018

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

17 Things We Should Have Learned in 2017, but Probably Didn’t
Chances are, you make similar resolutions every January 1st. Each year the infosec headlines flood us with new cautionary tales, some trying to teach us the same old lessons. Here are 17 things we should have learned from the horrors of 2017…but probably didn’t[.]

 

The CFO and Cyber Security: Staying Resilient in the Age of Digital 
More and more, the CFO is starting to play an important role in advising other board members on the possible financial impact of a data breach, ensuring that sufficient funds are allocated for preventing and containing potential incidents.  To be able to do this effectively, CFOs require an increased knowledge on how cyber threats are managed, as well as having an understanding of cyber security risk, and that means working a lot more closely with security experts.

 

90% Of Healthcare IT Pros Raising Cyber Security Budget
It seems health systems executives are not quite sold on new tech’s ROI, whereas they are firmly planted in provable cyber security solutions. This decision is particularly crucial in an industry containing patient data and scores of other sets holding personally identifiable information (PII).

 

Are Orgs Filling Necessary Healthcare Cybersecurity Roles?
One-third of payers surveyed said they currently have an established cybersecurity program manager, and 44 percent reported they planned to recruit a candidate for the role in 2018. Just over half of all respondents said they do not conduct regular risk assessments, while 39 percent stated they do not conduct regular firewall penetration testing. Nearly all surveyed C-suite members – 92 percent – said potential data breach threats and cybersecurity itself are still not key focus areas for their boards of directors.

 

Best Practices for Preventing Healthcare Cybersecurity Breaches 
Unfortunately, healthcare organizations typically have large computer networks holding vast troves of sensitive data that need to be accessed by many employees in multiple locations. These networks run software from third party business associates and usually connect with dozens of IoT devices at once. And every hospital works within a larger ecosystem, requiring employees to communicate and exchange data with a wide range of outside players. A recent attempt by the Health Care Industry Cybersecurity Task Force to diagram the healthcare sector shows the complexity of hospital environments.

 

Connected Healthcare Means Better Patient Outcomes: Digital Transformation and the rise of Smart Hospitals 
There are three major areas where healthcare is seeing the positive benefits of this digital disruption:
·       Healthcare Information Systems
·       Medical devices
·       Collaboration

 

Hospitals Face Steep Cybersecurity Challenges with Less Government Help
If the spotty, halting implementation of electronic health records over the past decade has taught IT experts anything, it’s that health data is uniquely tough to lock down. If the industry can’t figure out an easy way to get health records online, then it also isn’t going to be easy to create systems that secure the data. “There is no standard for what health records look like.

 

Healthcare Leaders Set Out Key Strategies in New Survey
The biggest priority for the healthcare industry found in the survey was cyber-security. Worryingly, only 25% of respondents felt that they were prepared to address concerns over cyber-security. Worries over personal health information and potential vulnerabilities with connected medical devices were at the forefront of 2017, with attacks such as WannaCry and hackable medical devices highlighting the issues.

 

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.