Naming a chief information security officer (CISO), maintaining a separate budget and stating a strategic objective are some of the crucial elements of a healthcare facility cybersecurity plan, according to an article on the Healthcare IT News website.
Board involvement and strict vendor scrutiny are also on the experts' must have list.
“Information risk management will inform many decisions that require organizational prioritization and ensure the C-suite and board are well-informed on threats, vulnerabilities and risks that may adversely impact the organization,” according to Rich Curtiss, a managing consultant at Clearwater Compliance.
Information security workforce should be from the information technology workforce to ensure adequate separation of duties and avoid conflicts of interest, Curtiss said.
Grounding Healthcare Spaces in Hospitality Principles
UC Davis Health Selects Rudolph and Sletten for Central Utility Plant Expansion
Cape Cod Healthcare Opens Upper 2 Floors of Edwin Barbey Patient Care Pavilion
Building Sustainable Healthcare for an Aging Population
Froedtert ThedaCare Announces Opening of ThedaCare Medical Center-Oshkosh