Can't afford a security chief? Here are the alternatives

Particularly for smaller hospitals and medical groups, hiring a full-time chief information security officer can be a stretch of the budget and resources. But patient data must still be protected because smaller organizations face many of the same risks larger systems do.

So cybersecurity responsibility often falls to the CIO, the IT director, or, even to a certain extent, the hospital's EHR vendor, none of which are traditionally aligned with a cyber role. 

"All hospitals need to have an individual or entity that provides the position," said Norma Krayem, senior policy advisor for Holland & Knight and chair of the Global Cybersecurity and Privacy Policy and Regulation Team. "The risk is so critical, that hospitals can't afford not to have someone doing this job."

Healthcare Finance News featured Mac McMillan and David Finn's comments in this article.

No Previous Articles

Next Article
GUEST BLOG: The Cybersecurity Shortage: Closing the Gap
GUEST BLOG: The Cybersecurity Shortage: Closing the Gap