Larger healthcare organizations prefer recruiting a chief information security officer (CISO) with experience in managing a data breach, according to a new report from security vendor Optiv. 

The report highlights healthcare administrators' growing awareness of the importance of cybersecurity, and the fact that security vulnerabilities persist.

In the first half of 2019 alone, nearly 32 million patient health records were breached, encompassing multiple levels of care — more than double the records breached over the entire 2018 calendar year, according to the latest report from IT security firm Protenus. Since 2016, at least one health data breach a day has occurred. 

These lapses can cause major financial, privacy and publicity damage, experts note.

“With the rise of the data breach epidemic, and the imposition of comprehensive privacy regulations like the EU’s General Data Protection Regulation and the California Consumer Privacy Act, cybersecurity has become a tier-one business risk — and, as a result, the CISO’s role has changed dramatically,” said researchers in the Optiv report. “Combined with CEOs being held accountable by boards for cybersecurity issues, this has helped to elevate some CISOs to a level commensurate with CIOs and other C-level executives.”

One of the best ways for healthcare organizations to prevent these breaches is by staying current with the guidelines put out by the Consumer Technology Association.

“Some organizations are farther along this evolutionary curve than others,” the researchers noted. “There still are many that keep CISOs relegated to their traditional technical roles, but others view the CISO as an important part of next-generation digital transformation and other business initiatives, because they know that major security or compliance miscues can derail the business.”