It's time to reconsider your strategy if you still treat cyber risk as an annual project or initiative. Having a thorough ongoing program in place means that even in the worst-case scenario, you'll be ready to demonstrate that you did what was reasonable and appropriate to protect your systems and patient data. Nothing can guarantee that a cyberattack won't become a breach. Health Centers are a domain with a high potential for data breaches. As a result, it is crucial for health center leadership to adopt breach prevention strategies across their entire organization, as opposed to relegating it to the IT department.
To support health centers in their cybersecurity strategy and implementation, the HITEQ Center is offering a free learning collaborative -- Improving Health Center Cybersecurity: Risk Assessment, Breach Defense, Mitigation, and Response. This learning collaborative will involve four structured virtual learning sessions. During the series participants will engage with subject matter experts and their colleagues in peer-to-peer learning and discussion. Topics will include: health center breach mitigation tactics, operationalizing cybersecurity to better mitigate risks, telehealth risk management strategies, and incident response planning from a cybersecurity perspective.
After participating in this collaborative, attendees will be able to:
- Describe resources, frameworks, and methods for strategic implementation of cybersecurity infrastructure and services.
- Describe essential cybersecurity tools and services that can help decrease the risk of a data breach.
- Use best practices in cybersecurity when implementing modern telehealth tools and RPM initiatives.
- Adopt cybersecurity risk management paradigms and incident response planning templates.
Session 1: Identifying and Assessing Cybersecurity Risks at Your Health Center
In the kick-off to our cybersecurity learning collaborative, we will seek to build knowledge and increase Health Centers' capacity to effectively prepare for and defend against the current onslaught of malware and ransomware attacks being levied against them. Participants will look at ways to build cybersecurity infrastructure through risk management frameworks and strategic risk assessment, with a focus on protecting information across the whole organization.
Session 2: Health Center Hacking Combat and Breach Response Strategies for Awareness, Management, and Training
In this session, we will discuss breach mitigation, ways in which to operationalize cybersecurity in order to better mitigate risks, review risk management tools, and methods for defending against cybersecurity attacks. Breach can occur through both internal and external network leaks, through malware such as ransomware and through physical means on site. We will cover topics related to general knowledge about breach mitigation, methods for mitigating against breach incidences, and addressing gaps in health center defenses.
Session 3: Mitigating Cybersecurity Risk for Remote Patient Monitoring and Telehealth Programs
Patients and health centers use and depend on technology more and more each day. The COVID-19 pandemic has accelerated this trend and introduced additional technologies to solve emerging problems like remote monitoring for patients with chronic disease and broad adoption of telehealth. As these new tools are introduced and integrated to address acute and future needs, it becomes critically important to ensure that patients' data remains secure. This session will discuss recommendations and strategies for assessing risk and improving cybersecurity policies and procedures in relation to RPM and telehealth.
Session 4: Cybersecurity Incident Response Planning for Health Centers
According to IBM's annual Cost of Data Breach Report, the average cost of a data breach for a healthcare organization is more than $10 million. Having a well-documented cybersecurity incident response plan is essential and required for all Health Centers due to the sensitivity of the patient data they are responsible for maintaining. The cost and damage caused by a data breach is often exorbitant, but a strategic incident plan can help to significantly mitigate such effects, and potentially, prevent them from occurring in the first place. This session will provide an overview of incident response planning requirements for health centers and review established workflows for common incident response scenarios such as ransomware attacks.
Apply to the Learning Collaborative Here