Healthcare // Security & Privacy
News
7/29/2014
03:30 PM

Healthcare Security: CSOs Needed

Too many healthcare environments cling to insecure legacy systems and lax accessibility standards. It's time to enact strong security leadership.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
7/31/2014 | 11:33:39 AM
Re: the future
Actually, a lot of studies indicate internal threats are more dangerous than hackers. Whether they're simply making mistakes (like sending PHI in unecrypted ways or leaving unsecured laptops where they can be stolen) or disgruntled and malicious, employees cause most data losses and breaches. Hackers get the headlines and have the potential to do untold amounts of damage if they crack the databases of hospitals, insurers, or government agencies like Medicare. CSOs and their teams have to protect against all forms!
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
7/31/2014 | 11:31:09 AM
Re: Meanwhile down here in the real world
Sure, every job posting has a long list of ideal specifications, but you'd certainly hope the Chief Security Officer would be very strong and knowledgeable in security. If s/he is also knowledgeable in healthcare, well, that's great -- but undoubtedly, that exec also will demand a higher salary than a similar pro without healthcare expertise. We all start in any industry without much knowledge but we learn the terms, the slang, and everything else that makes one business different from another. A CSO -- a good CSO -- is driven hard to do just that. Thinking a CSO without healthcare experience will fail is extremely shortsighted. Knowing security is much more important than knowing the vertical, whichever vertical you're talking about, no matter how 'different' a board thinks it is.
SachinEE
50%
50%
SachinEE,
User Rank: Ninja
7/30/2014 | 12:38:42 PM
Re: the future
According where the future is leading us, I think health care centers should already be working on how to improve their I.T security issues. Hacking may be the greatest threat as far as data security is concerned but there is always something that can be done about this. I am just scared for them because if they cannot assure the public about their security now, when will they do it because some organizations do are not threatened at all by hackers and insecurity issues. They can borrow ideas I think.
CSPANJNKY
50%
50%
CSPANJNKY,
User Rank: Apprentice
7/30/2014 | 10:42:48 AM
From 1966 on...
https://www.youtube.com/watch?v=rRkGTNnEHk0 Watch Dr. Peel's TED presentation if you want to learn the enormity of the problem. 


CSPANJNKY
50%
50%
CSPANJNKY,
User Rank: Apprentice
7/30/2014 | 10:34:36 AM
Our Health Records already in Hands of WHO KNOWS WHO!
http://patientprivacyrights.org/ Dr. Peel's TED presentation is a good place to start if you want to see what federalizing our Health Care records has spawned. 



https://www.youtube.com/watch?v=rRkGTNnEHk0 I so wish Information Week would report on Dr. Peel's talk instead of dance around the edges. 

 

 
asksqn
100%
0%
asksqn,
User Rank: Ninja
7/29/2014 | 6:04:41 PM
Meanwhile down here in the real world
The most idiotic requirement is that experienced security personnel also have experience in healthcare.  Note to HR staff:  Ain't gonna happen!  In fact, the very definition of a purple squirrel is the "perfect" candidate who has the requisite dozen years plus work history that blends a wishlist of idealized employment history compiled by the largely clueless HR department and/or Administrator/D.O.N.  Until hospitals realize that RNs and other medical personnel won't also be I.T. security pros, the data breaches/HIPAA violations will continue.
Healthcare Data Breaches Cost More Than You Think
Healthcare Data Breaches Cost More Than You Think
Healthcare providers just don't get it. They refuse to see the need to fully secure their protected health information from unauthorized users -- and from authorized users who abuse their access privileges. As a result, they don't allocate enough budgetary resources for securing medical data.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 7, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program!
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.