TRENDING:

A CIO Outlines Top Security Priorities

Spooner of Sharp HealthCare Also Analyzes Survey Results Marianne Kolbasuk McGee (HealthInfoSec) • April 12, 2013     15 Minutes   
Improving regulatory compliance and security training, as well as detecting and preventing breaches, are top priorities for 2013, the Healthcare Information Security Today survey shows. Sharp HealthCare CIO Bill Spooner tells why those issues are critical.

"Almost every week there is some kind of a reported breach around the country involving thousands of patient records being potentially compromised," Spooner notes in an interview about the survey results with HealthcareInfoSecurity. Fear of bad publicity, and potential fines, stemming from breaches are "increasing the emphasis ... on improving our security profiles,' he says.

Another priority at Sharp HealthCare this year, Spooner says, is implementing "a more formalized governance, risk and compliance program."

The survey also shows that top security technology investments for 2013 include an audit tool or log management, a data loss prevention system and a mobile device management system.

"Like many organizations, we are implementing a mobile device management product that includes a security suite to help secure mobile devices in recognizing that we are seeing more and more requests to use iPads and other similar mobile devices on our system," Spooner says. "We really need to ensure that we're providing adequate protection around that."

Security Strategy

In the interview, Spooner also discusses:

  • His surprise that less than half of survey respondents say their organizations have a documented information security strategy, which he sees as essential;
  • Why updating a risk assessment annually is an important way to deal with emerging risks;
  • Why winning support from senior executives for security investments can be difficult. "Unfortunately, I think the key to winning senior executive support is to have a breach or have your neighbor have a breach," he says. "There's nothing that gets your attention more than a bad experience."

Spooner has been at Sharp HealthCare, a San Diego-based provider organization with seven hospitals, for about 30 years, and he has served as CIO for more than 15 years. In 2009, he was the recipient of the John E. Gall Jr. CIO of the Year award from the College of Healthcare Information Management Executives and the Healthcare Information and Management Systems Society. He was chair of CHIME in 2006.

A full report about the survey results is now available, as is registration for a free webinar analyzing the results.

Previous
Old Cyberthreats Pose Greater Dangers
Next
What Breaches Can Teach Us



Around the Network

Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.