Hope for the Best, Expect the Worst, Plan Today

Posted by Ken Reiher

Gerry Blass, President & CEO, ComplyAssistant, and Francois Bodhuin, Assistant Vice President and Chief Information Security Officer at Inspira Health, Vineland, NJ were recently published in the Health Care Compliance Association’s (HCCA) January issue of Compliance Today. Please review the introduction to their article below with a link to continue reading its contents.

The evolution of the risk of successful cyberattacks has been evident since 2010—when the Affordable Care Act was signed and resulted in a transition from paper to electronic medical records. Healthcare organizations began implementing new electronic medical record applications to comply with meaningful use (MU) requirements. Over the years, MU has introduced new criteria with a heavy focus on interoperability among applications. The combination of MU efforts, merger and acquisition activity, and the pandemic-induced remote workforce have increased healthcare organizations’ risk profiles, remaining a prime target for cyberattackers to do what they do best.

There are numerous reasons for the high level of cybersecurity risk in healthcare, such as limited staffing and the technology required to effectively implement controls that reduce risk. These scenarios contribute to higher risk at almost every level of the organization. As a result, we have witnessed successful cyberattacks that have resulted in healthcare organizations experiencing extended downtime for a critical application, their entire network, or somewhere in between.

To continue reading this Compliance Today article, click here.