Cyber Safety is Patient Safety
Health Tech Magazines
When most people hear the term “Information Security,” they immediately think of “the protection of our data.” Our regulatory regimes back such observations, with the requirements of protecting health information (HIPAA/HITECH), personally identifiable information (PII, credit card data, banking data, etc.), and other sensitive data. Within healthcare, we have been training and educating our workforces since at least 2005 to handle these sensitive data with the utmost care when the HIPAA Security Rule became enforced.
I posit that the Information Security profession has matured well beyond simple ‘data protection’ within healthcare. As threats to this space have gotten more sophisticated over time, the Information Security profession has matured Cybersecurity resiliency. Our mission and goals? Protect the health and safety of our patients and our organizations. We have moved way beyond simply protecting data; the role of the cyber professional today is to protect its organization against active malicious actors who intend to harm. As was unfortunately demonstrated in Dusseldorf, Germany this last year, lives are at stake.
History of Disruptive Cyber Attacks
According to the 2020 Verizon Data Breach Investigations Report, of the 977 breaches evaluated in their 2020 report, 55% of them were conducted by Organized Crime. By October 2020, at least...