JANUARY EDITION

The Cybersecurity of Patient Information Systems Today and Tomorrow


SmartGroup™ At-a-glance

THEME #1

What are the biggest innovations impacting the security of patient records today?

EXECUTIVE SUMMARY

As hackers become more sophisticated social engineering, employees and unsecure medical devices have an impact on the security of patient data. Blockchain, AI, and cloud technology play a role. Response to data protection has been positive; new prevention technologies are having a positive impact.

  • Data should be protected. Security strategies such as authentication, encryption, and access management must be implemented to ensure patient data security. Data belongs to the individual.
  • Social engineering and employees are the weakest link, contributing to most attacks; continuing to improve cybersecurity awareness is crucial and needs to be specific for issues within the field.
  • Understanding the Zero Trust Network concept and the risks involved with medical devices is an important element in keeping patient data secure. Current vulnerabilities are being addressed.
  • Regulatory policies help to minimize threats. Audits will become the norm as companies must meet compliance standards. Employees will remain the biggest cybersecurity threat within organizations.

ACTIVITY

1584 Days

26 Panelists (0 New)

Posts: 28

Comments: 98

New Followers: 17

126

CONTRIBUTIONS

PANELISTS

MAP

What are the biggest innovations impacting the security of patient records today?

Higher
Significance of Impact
Lower
Lower
Potential Impact
Higher
Click a circle to see details
 
 
 
 
 
 
 
 
 
 

01 . Employee Security Training and Awareness

02 . Security Budget for Security Controls and Programs

03 . Zero Trust Networks

04 . Everyone's Responsibility

05 . ID the Care Team

06 . SETA Programs

07 . Modern Security Practices for Securing Patient I.S

08 . Medical Devices, the weakest link

09 . Cloud services

10 . Technological Security Innovations for Healthcare

TOP POINTS

01 . Employee Security Training and Awareness

Jim Harbert - 4.50 (36 ratings)

Systems Administrator

Comments: 13

Quality: 4.43 (7 ratings)

Y/X Polarity: Low / Low

Employees are the weakest link in any security system for any organization. Employee security training is not a new innovation, but there has been an increase in the amount and type of employee training.

02 . Security Budget for Security Controls and Programs

Bayo Omoyiola - 4.59 (1178 ratings)

Chief Digital Officer

Comments: 4

Quality: 5.00 (4 ratings)

Y/X Polarity: Low / Low

Organizations allocate budgets towards information security on an annual basis to develop a defense-in-depth preventative approach. The defense-in-depth structure consists of hardware and software controls in order to protect the organization’s information systems and data, This is very good. Healthcare organizations also do so. but technical controls are not enough. That is why organizations also spend money on Security Awareness programs to deal with the human side of information security. The regular human end-user is generally considered the weakest link in cybersecurity and degrades the defense-in-depth approach. This is where the security awareness programs come in to tackle the human side of information security. Therefore, Healthcare organizations should not only spend money on technical controls but also invest in Security Education Training and Awareness programs.

03 . Zero Trust Networks

Patrick Henz - 4.54 (8632 ratings)

Head of GRC US, Regional Compliance Officer Americas, Futurist, Storyteller, AI.

Comments: 3

Quality: 4.00 (4 ratings)

Y/X Polarity: Low / Low

Forrester developed nearly a decade ago the concept of a Zero Trust Network. This with the understanding that all parts of a network have their vulnerabilities, so it cannot be trusted that they are not hacked, infected, whatever. Due to this, for each action inside the network, the devices have to identify themselves based on the security protocols. With the single devices stay as isolated as possible. As patient information are sensible information, they should be guarded inside such Zero Trust Networks.