Is Your System Less Secure Than You Think?

October 2, 2019
Vikas Khosla, chief digital health officer, Intraprise Health

Vikas Khosla, chief digital health officer, Intraprise Health

If you think it’s expensive and time-consuming to protect your healthcare organization’s data, you’re right. But just look at the cost of not having a solid security program and experiencing a healthcare breach. You needn’t look far.

A breach can be financially devastating. It will ruin your reputation. It will call into question your organization’s security program and its evident gaps. Patients may say, ‘If they can’t protect my personal information, how can I trust them with my health?” It’s a marketing nightmare.

We walked you through a breach in the August issue’s Lessons Learned from a Ransomware Attack: A Hospital CEO’s Perspective. But what if the healthcare organization you help promote could rewind that day? What if organizational leaders had made other choices? It would certainly have helped you in your marketing role. Instead of having to provide crisis communications, you could be promoting new products and pitching stories about the organization’s newest offerings.

Vikas Khosla is chief digital health officer of Intraprise Health, a Pennsylvania-based company that helps healthcare organizations keep their data safe. “Everybody thinks it’s an IT problem, which it’s not, because security really spans the entire organization,” he says. Intraprise recently launched a software service based on the HITRUST Common Security Framework (CSF), designed specifically for healthcare.

Khosla says that most health systems and hospitals erroneously believe they have a mature security program because they’re HIPAA-compliant. The Health Insurance Portability and Accountability Act (HIPAA) Security Rule is designed to protect health information transmitted in electronic form by healthcare organizations and the businesses they do business with. It has about 52 requirements for protecting data but does not specify security controls that identify how an organization can meet these requirements.

Read the full article now: Managing Risk: The Business Case for Security Certification

Best regards,
Matt Humphrey

Start Your Online Access Today

Not a member yet?
Sign up for a FREE trial membership »

And don't forget: Once you've signed up as a member, you can add up to 9 colleagues for no additional charge with our Group Membership Upgrade. It's an incredible value.