Page 9 - SFHN0918FINAL.qxp_SFHN 0608 Friday 5.0
P. 9
Implementing Threat-based Cybersecurity
to Secure Patient Care Innovation
Technology has brought healthcare to traffic moving throughout their net-
consumers’ fingertips, putting them at works and systems and identify suspi-
the nucleus of care and blurring the def- cious activity and clear threats in real
inition of a healthcare organization. time. And their IDS should be especially
Traditional technology entities are focused on email intrusions—their
building healthcare apps, wearables and number one attack vector.
other connected devices, and consumers 4. Make top-down personnel educa-
are using them to track their health tion a priority – to ensure all individuals
progress and feed data back to their with access to an organization’s net-
provider, payer or both. Retailers are works, medical devices and data under-
partnering with pharmacies, so both can stand their roles and responsibilities in
gain access to each other’s data and reach defending against cyber threats.
a greater number of consumers. Insurers 5. Create an internal and external cri-
are partnering with pharmaceutical BY ANGELO PIROZZI, PARTNER, BDO CENTER sis communications plan – to align with
manufacturers to leverage patient data to FOR HEALTHCARE EXCELLENCE AND existing enterprise risk management
improve outcomes and lower health INNOVATION, AND GREGORY GARRETT, BDO frameworks.
costs. HEAD OF U.S. AND INTERNATIONAL 6. Implement cyber insurance claims
But perhaps nothing says the health- CYBERSECURITY preparedness and adequate coverage – to
care company of the future has arrived as identify and quantify incurred event
best as the innovative partnership response costs for inclusion in an insur-
between Amazon, JPMorgan and in the most likely risks and attack vec- alone has seen 176 reported large-scale ance claim.
Berkshire Hathaway. tors based on your company’s unique data breaches (those impacting 500 or 7. Create an incident response plan –
Data-sharing between consumer threat profile. more individuals), according to the U.S. to include the participation of organiza-
health organizations is of course net pos- How do healthcare organizations Department of Health & Human tion leadership and key personnel from
itive. Capitalizing on data is the first step develop and maintain a comprehensive Services. That number equates to 3.2 all technology, business, administration
to achieving precision medicine and cre- cyber threat profile? million patients impacted and spans 40 and clinical functions.
ating shared value across the health The first step is to assess and take states. Capitalizing on data is one of the first
ecosystem. But cyber risks are also grow- ownership of your organizational DNA: But more telling are the breach types steps to innovating patient care—and is
ing as data sharing increases. the data assets and other intellectual and locations of breached information. crucial to surviving in today’s blurry
If organizations in the business of con- property that make you unique—or a The biggest threats in 2018 have been healthcare ecosystem. But to do so sus-
sumer health are going to sustainably potential target. Owning your organiza- unauthorized access/disclosure (77) and tainably, in a way that protects patient
innovate around patient care, they must tional DNA starts with information gov- email (48), respectively. privacy and data security, will require a
be able to safely store and analyze ernance: identifying, managing, accu- What this tells us is that, to effectively threat-based approach to cybersecurity.
patient data—the most valuable resource rately categorizing, protecting and opti- detect and respond to risks, healthcare And achieving threat-based cybersecu-
to the consumer, to the business of mizing organizational data from incep- organizations need to: rity is a journey spanning the entire cor-
health and, we believe, to the security of tion to final disposition. 1. Bolster their access controls – tech- porate lifecycle.
a nation. But, keep in mind that the data assets nical policies and procedures to ensure
you value most may not be the prime tar- only authorized employees have access Learn more about how we can help you
Threat-based cybersecurity will get for a would-be hacker. Your data on to protected health information (PHI)— throughout your unique lifecycle.
be their lifeline. performance outcomes, for example, is and be more stringent about who they
Based on intent, threat-based cyberse- far harder to monetize on the dark web grant access. Our South Florida healthcare leaders
curity is a forward-looking, predictive than your patient database. 2. Implement stronger audit controls – are ready to address your complex and
approach. Instead of (or in addition to) The next step is to factor in the threat to track and identify internal and exter- unique needs:
focusing solely on protecting critical environment to understand current nal access to and exploration of informa- Alfredo Cepero, Managing Partner
data assets or following the basic script exploits and the most targeted vulnera- tion systems that contain PHI. 305-420-8006/ acepero@bdo.com
of a generic cyber program, threat-based bilities. 3. Strengthen intrusion detection sys- Angelo Pirozzi, Partner
cybersecurity concentrates investments As of July 12, so far this year the U.S. tems (IDS) – to more accurately monitor 646-520-2870 / apirozzi@bdo.com
www.southfloridahospitalnews.com
Visit us on the web at www.southfloridahospitalnews.com
COMPREHENSIVE
DIAGNOSTIC ASSESSMENTS
Including 19-Point qEEG
Immediate Results with Full Diagnostic Report
In Network with:
• Cigna • Humana
Same week or • Aetna • Magellen, and more
next week
appointments
Ask About
Memory Boot Camp
South Florida Hospital News southfloridahospitalnews.com September 2018 9
