Can't afford a security chief? Here are the alternatives

October 22, 2018 Mayuri Kumar

Particularly for smaller hospitals and medical groups, hiring a full-time chief information security officer can be a stretch of the budget and resources. But patient data must still be protected because smaller organizations face many of the same risks larger systems do.

So cybersecurity responsibility often falls to the CIO, the IT director, or, even to a certain extent, the hospital's EHR vendor, none of which are traditionally aligned with a cyber role. 

"All hospitals need to have an individual or entity that provides the position," said Norma Krayem, senior policy advisor for Holland & Knight and chair of the Global Cybersecurity and Privacy Policy and Regulation Team. "The risk is so critical, that hospitals can't afford not to have someone doing this job."

Healthcare Finance News featured Mac McMillan and David Finn's comments in this article.

Previous Article
Analysis: Did Anthem's Security 'Certification' Have Value?
Analysis: Did Anthem's Security 'Certification' Have Value?

Next Article
Obamacare System Breach Affects 75,000
Obamacare System Breach Affects 75,000