How to get hospital staff to take cybersecurity initiatives seriously: 2 CISOs weigh in

Listen

Cybersecurity experts know that cyberattacks against hospitals have erupted since the start of the pandemic. In March alone, more than 1 million patients' protected health information was breached.

The cost of these cyberattacks manifests in different ways. In 2020, data breaches cost healthcare organizations $13.2 billion in lost revenue, increased spending on advertising, paying ransoms and more.

Even though cybersecurity is a top priority for security experts, some employees may not be aware of the seriousness of the cybersecurity climate and may be practicing poor security habits. 

Kate Pierce, CIO and chief information security officer of Newport, Vt.-based North Country Hospital, educates her staff by utilizing the FBI's free cybersecurity training for hospital employees. 

"When cybersecurity information comes directly from the FBI, staff gain a new perspective on what is happening and are much more receptive to security initiatives," Ms. Pierce said

Her advice for chief information security officers is to take advantage of this opportunity, as well as other free government resources.

Howard Haile is the vice president and CISO at Broomfield, Colo.-based SCL Health, which was one of the many health systems and hospitals hit by the Blackbaud breach last year.

He said SCL Health has recently reimagined its cyber awareness program. It is focussing on more robust training with new benchmarks and reporting metrics.

"Our goal is to reach our associates with timely and relevant training by leveraging multiple communication avenues," Mr. Haile said. "We are being more transparent with our training metrics and rewarding good security practice."  

At SCL Health, employees with good security practices in place are eligible to win prizes from the SCL Health store.

Copyright © 2021 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars