- Center on Health Equity and Access
- Clinical
- Health Care Cost
- Health Care Delivery
- Insurance
- Policy
- Technology
- Value-Based Care
Lee Barrett Outlines Best Practices for Healthcare Cybersecurity
Data breaches and cyberattacks can have costly and damaging consequences for healthcare organizations, but there are some steps that can be taken to mitigate the risk and impact of these incidents, explained Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission.
Data breaches and cyberattacks can have costly and damaging consequences for healthcare organizations, but there are some steps that can be taken to mitigate the risk and impact of these incidents, explained Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission.
Transcript (slightly modified)
What are some best practices that healthcare organizations and practices should implement to protect themselves?
For one, make sure that they’ve got the appropriate people in place as far as the privacy and security individuals. Two, what they need to do is to ensure they’ve got the rigor in their organizations to be putting together a very comprehensive risk management and what I would call preparedness plan in the event of a breach, an incident, cyberattack, or ransomware attack.
Third, what they have to do is at least an annual risk assessment, if not ongoing, to be able to go through, ensure that any risks, any vulnerabilities, and as they’re continuing to expand services, that those services are properly evaluated as far as any risks or gaps there and threats.
The other aspect that they need to take on is training: make sure that the staff, all the vendors that they’re working with, have appropriate training and have appropriate controls in place on how they’re going to work with them.
Lastly, I would tell you that the other thing that we tell organizations to do as far as third-party entities is to go through some type of, either mandate contractually or some other way, some third-party review, certification, or accreditation of those entities, again as part of their risk management strategy to reduce the amount of risk that an organization may have that one of their partners may in fact have a breach on their behalf.
Because, at the end of the day, if that entity has a breach, an incident, or an attack, it reflects on that organization and the cost to that organization, that ACO, is going to be extremely high. It’s going to hit them in relation to not only cost from a revenue perspective, but credibility. So, the answer is that organizations need to take it very seriously and put together that risk mitigation, the preparedness plan, and put together some of the best practices that I’ve talked about.
The Importance of Examining and Preventing Atrial Fibrillation
August 29th 2023At this year’s American Society for Preventive Cardiology Congress on CVD Prevention, Emelia J. Benjamin, MD, ScM, delivered the Honorary Fellow Award Lecture, “The Imperative to Focus on the Prevention of Atrial Fibrillation,” as the recipient of this year’s Honorary Fellow of the American Society for Preventive Cardiology award.
Listen
Promoting Equity in Public Health: Policy, Investment, and Community Engagement Solutions
June 28th 2022On this episode of Managed Care Cast, we speak with Georges C. Benjamin, MD, executive director of the American Public Health Association, on the core takeaways of his keynote session at AHIP 2022 on public health policy and other solutions to promote equitable health and well-being.
Listen
An Overview of Health Care and Pharmaceutical Trends, 2023-2024
April 19th 2024Douglas M. Long, BA, MBA, was featured as the keynote speaker on the closing day of The Academy of Managed Care Pharmacy 2024 annual meeting, with a session dedicated to surveying the health care and pharmaceutical trends of the last year.
Read More
