Healthcare Cybersecurity Weekly Briefing 04-20-2018

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

Data-driven Analysis of Healthcare Cyber Risk Insurance Claims
With the specific healthcare sector analysis, there are several points of interest. The first relates to organizational size. Here the analysis indicates that most of the recent insurance claims made related to small or mid- sized healthcare organizations. A second area of importance is with the relatively higher size of insurance related payouts for healthcare. Although healthcare claims comprised only 17 percent of claims in 2017, these claims represented 28 percent of total breach costs, to the tune of $229 million.


Healthcare Data Security Requires Active Employee Participation!
A security campaign for healthcare workers needs to gradually develop as an ongoing behavioral program that starts by conducting a high-level risk assessment to identify organizational issues and how staff behavior affects them.  Device malfunction, system outrages and stolen or manipulated data contribute to risks that staff needs to be made aware of, along with how to react to each.


Understanding Risk Assessment for InfoSec Budgeting
Last month, Critical Informatics founder Mike Hamilton moderated a panel discussion in downtown Seattle, reinforcing a practical methodology to establish common ground and build a case for IT Security investments. Comprised of regional Information Security leaders in legal, actuarial consulting, health insurance, and education, our panel explored the process and practicality of applying this methodology. Read on to learn what the experts had to say about their use of risk assessment to secure executive buy-in for investments that reduce the risk of IT security events leading to expensive outcomes.


Healthcare Data a Growing Target for Hackers, Cybersecurity Experts Warn
“Their preferred … target is cash itself. If you can’t get the cash, then you go for things that can be converted to cash. And personal data is one of those things,” he said. Sensitive health information, for example could be used to blackmail a public figure or extract a ransom from a medical provider. And health data has what’s called a large “threat surface” — many vulnerable points where it could be accessed.


At Lakeland Health, IT Leaders are “Changing the Storyline” on Cybersecurity and Seeing Significant Results 
“Number one, we wanted to put risk management and cybersecurity at the top of health system leadership agenda. We wanted to be proactive. Second, there is a negative connotation to cybersecurity, mostly fear and negativity, so we wanted to change our storyline and move from fear and negativity to focusing on clinical integrity and business integrity,” he says. “Thirdly, we wanted to use innovative strategies and tools and more agile methodologies to make rapid progress using our distributed, cross-function teams to make improvements.”


Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.