Wrong Mission
Focusing on patient records
Outdated Approach
Ignoring advanced threats
Failure
Patients not protected
This study is laser-focused on protecting patients, by not just identifying the vast array of security challenges in healthcare, but also by articulating the path forward for the providers and business associates to provide better security.
I almost always get questions like this: “Where do I start with fixing Security?” Or: “I just implemented encryption, now what do I do?” Those days are over: here is a blueprint, a roadmap for building and enhancing your security.
We recognize the immense political, regulatory, and business challenges that hospitals face in the pursuit of their security mission, so we designed the blueprint to help a healthcare organization navigate that complexity.
The industry today is focused almost exclusively on protecting patient records. We set out on this research to determine what are the threats to patients' lives, and how realistic are those threats. We found those threats to be very real, and worse still the industry is ill prepared to effectively deal with them. We hope this blueprint can move things in the right direction.
We found egregious business shortcomings in every hospital, including insufficient funding, insufficient staffing, insufficient training, lack of policy, lack of network awareness, and many more. These vulnerabilities are a result of systemic business failures.