Aetna's Information Security Chief Talks About Efforts to Protect Clients
In light of the recent hacking event at Community Health Systems. Aetna's Chief Information Security Officer discusses measure being implemented to improve security on their end.
There's been a lot of talk about compliance lately. Federal and state regulations. HIPAA regulations. But, if you're in charge of healthcare security, compliance is far from sufficient, says
"The focus of the information security capabilities and controls has less to do with the regulatory requirements and more to do with the shift in tactics and trends for cybersecurity threats," he explains.
Routh is slated to kick off the
If you think about it, he says, the cycle time for regulatory requirements is measured in years. They’re typically years out of date at best, as it takes time to figure out what the rules should be and what the best way to enforce the rules is.
Compare that with the cycle time on the threat side, which proves fundamentally different. "Back in the good ol' days,” Routh says, "we'd go four or five years before there was a major shift in tactics used by cybersecurity criminals."
Read the interview here:
Source: Healthcare IT News
Newsletter
Stay ahead of policy, cost, and value—subscribe to AJMC for expert insights at the intersection of clinical care and health economics.
Related Articles
Eating Behaviors May Predict GLP-1 Therapy Success in Type 2 DiabetesSeptember 18th 2025
Modest Reductions in PrEP Coverage Result in Avoidable HIV InfectionsSeptember 17th 2025
