Former ONC Privacy Chief on Healthcare's Cyber ChallengesLucia Savage Reflects on Time at ONC, and What's Ahead
To help prepare for ever-evolving cyber threats, healthcare entities need to learn from the security practices of other sectors, says Lucia Savage, former chief privacy officer at the Office of the National Coordinator for Health IT.
Healthcare organizations should "look to the security technologies other industries are using, and make very careful study of whether they are applicable in healthcare," says Savage, who has taken on the new role of chief privacy and regulatory officer at Omada Health, a start-up company providing digital behavioral medicine solutions for patients with chronic illnesses, such as diabetes.
Examples of technologies that healthcare sector entities need to examine, she says, include application programming interfaces and blockchain, the ledger that supports digital currency, she says.
"But I also think healthcare under-capitalizes security," she notes. "There's always a balance between a business goal and securing the data. Established organizations should be looking at how they're funding security and how they're training their security engineers and training their workforces to help those engineers."
In the interview (see audio link below photo), Savage - who will be announcing her new role at Omada during the HIMSS 2017 Conference - also discusses:
- The health data security and privacy achievements she's most proud of during her time at ONC;
- Evolving privacy and cybersecurity challenges facing the healthcare sector;
- Important data protection work that's ahead for HHS.
Before to joining Omada Health as chief privacy and regulatory officer, Savage served for more than two years as chief privacy officer at the Department of Health and Human Services' Office of the National Coordinator for Health. Previously, ONC, Savage was senior associate general counsel at United Healthcare, general counsel at the Pacific Business Group on Health and compliance manager at Stanford University.
Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.