Cybersecurity and Privacy

FinThrive SVP and CISO Greg Surla discusses why providers should not rely on single vendors in RCM environments and how the Change Healthcare attack was a watershed moment.  

Jack Clough, chief growth officer at Celo, describes the company's healthcare messaging app as an alternative to texting that enables quick, seamless communication for timely care delivery while keeping patient data safe.  

Cyberwrite President Hartmut Mai discusses the Change Healthcare ransomware attack and how chain reaction cyberattacks could affect cyber insurance opportunities.  

US Health and Human Services CISO La Monte Yarborough discusses the HHS 405(d) program, which provides free educational resources and cybersecurity best practices in English and Spanish for healthcare organizations of all sizes.  

Anatomy IT CEO Frank Forte says that redundant systems and practice drills, as well as partnering with vendors to prepare for inevitable cyberattacks, are key to building cyber resilience of healthcare organizations.  

Dave Bailey, VP, Consulting Services at Clearwater Security, recommends developing cybersecurity strategy around a framework like NIST 2.0 and working with leadership to get the necessary resources to address vulnerabilities.  

Scott Stuewe, DirectTrust president and CEO, discusses the company’s health app program to support stakeholders within the FHIR ecosystem and how it allows companies to exchange information securely through direct, secure messaging.   

Lee Kim, senior principal, cybersecurity and privacy at HIMSS, discusses the new NIST Cybersecurity Framework 2.0, which offers specific implementation examples and granular guidance to help organizations manage and reduce cybersecurity risk.

Carolyn Metnick, partner and Healthcare and Privacy & Cybersecurity team member at Sheppard Mullin, recommends that healthcare organizations follow basics such as following HIPAA security rule compliance and doing a security risk analysis.  

Both small and large organizations have risk challenges and threat-monitoring gaps, but executives are increasingly recognizing that cybersecurity in healthcare is a strategic imperative central to patient safety, says Steve Cagle, CEO of Clearwater.