Essential elements for a hacker-proof healthcare cybersecurity strategy

Hospitals and health systems must prioritize cybersecurity in order to protect patient privacy and well-being, as cyber threats become increasingly prevalent, says Rich Curtiss of Clearwater Compliance. Curtiss suggests that health systems should establish cybersecurity as a strategic objective, separate the information security workforce from the IT workforce, and allocate a separate budget for cybersecurity improvements and maintenance. Hospitals should also rigorously vet vendors and include strong business associate agreements in their contracts, says Pam Hepp of Buchanan, Ingersoll & Rooney. Healthcare organizations need to recognize the risks presented by vendor arrangements and allocate appropriate resources to mitigate those risks.