Duration: 5 min. read
Content and Document Management, Electronic Health Record (EHR), Electronic Medical Record (EMR)
Beyond ÐÓ°ÉÂÛ̳-19: Security in the news
By Jennifer Marshall, Director, Technical Product Management, Healthcare Technology Analytics Solutions
This is the second article in a series?on topics inspired by a focus group discussion among members of CHIME ()?about strategies used to adapt during the pandemic.
Healthcare organizations are the guardians of protected health information (PHI), and security has always been paramount to protect data and prevent identity theft.??stemming from the pandemic and ransomware attacks have accelerated investments in security. Throughout the remainder of 2021 and beyond, digital transformation and cybersecurity will continue to be important to organizational strategies to help ensure hospitals and health systems stay ahead of threats.
CHIME recently shared a??of free government resources available to victims of compromise as well as??on how to better protect the healthcare technology system infrastructure.
Security resource roundup
At Quest Diagnostics, we are committed to the privacy and security of personal information. I recently asked our Security Risk and Compliance team to share some available resources to keep informed about cybersecurity and healthcare. Below are additional sources that can enable healthcare professionals to keep up with the latest cybersecurity news, trends, and leading practices for the healthcare industry.
| Resource | Detail |
|---|---|
| The enterprise IT professional¡¯s guide to information technology resources. Browse this free online library for the latest technical white papers, webcasts and product information to help you make intelligent IT product purchasing decisions. | |
| ?(CISA) | Works with partners to defend against today¡¯s threats and collaborate to build more secure and resilient infrastructure for the future. |
| ?(H-IASC) | A community of critical infrastructure owners and operators within the Healthcare and Public Health sector (HPH) with a mission to enable and preserve the public trust. The member organization seeks to advance the global health sector¡¯s cybersecurity and physical security protection and resilience and enable the ability to prepare for and respond to threats and vulnerabilities. |
| Provides a common set of voluntary, consensus-based, and industry-led guidelines, practices, methodologies, procedures, and processes that healthcare organizations can use to enhance cybersecurity. | |
| Provides privacy and data protection news from around the world. | |
| ?(OCR) | Provides 2 listservs to inform the public about health information privacy and security FAQs, guidance, and technical assistance materials. |
| ?(NCCoE) | Part of the National Institute of Standards and Technology (NIST), is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses¡¯ most pressing cybersecurity issues. This public-private partnership enables the creation of practical cybersecurity solutions for specific industries, as well as for?broad, cross-sector technology challenges. |
| Seeks to strengthen the security of the digital environment. NIST¡¯s sustained outreach efforts support the effective application of standards and best practices enabling the adoption of practical cybersecurity and privacy. | |
| Online edition seeks to capture legal trends and news as they first start to emerge. | |
| One of more than 220 chapters around the world that connects information systems governance, control, risk, security, audit/assurance, business, and cybersecurity professionals and enterprises. | |
| ?(NJCCIC) | The state¡¯s one-stop shop for cybersecurity information sharing, threat intelligence, and incident reporting. Acting in a cyber fusion center capacity, the NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. |
| Provides a weekly summary of newly discovered attack vectors, vulnerabilities with active new exploits, insightful explanations of how recent attacks worked, and other valuable data. | |
| A semiweekly executive summary of recent cybersecurity news articles. Each news item is annotated with important context provided by respected subject matter experts within the SANS community. | |
| Shares industry expert guidance and insight, in-depth features and timely news, and independent product reviews in partnership with and for top-level information security executives and their technical teams. |
Staying updated and implementing cybersecurity best practices can help reduce vulnerability to cyber attacks or help reduce the impact of an incident. Watch for the next topic in this series, which will discuss cloud-based data management.
Disclaimer: The information contained in this blog post is provided solely for informational purposes and is not intended to be specific guidance or advice.
