IT security is a hefty undertaking for large health care organizations and an even bigger challenge for smaller health care providers. But what about building a strong, comprehensive organizational information security/risk management program to keep information private, readily available to those who need it, and safe from tampering? That’s an even greater feat, one that comes with even broader responsibilities which directly impact the business.
Too many health care organizations hold a narrow view of information security. Perspectives range from just physical/facilities security (“guns and guards”) to purely technology (it’s IT’s responsibility). Yet the responsibility isn’t about alarming doors, managing firewalls, or resetting passwords. It’s much more comprehensive. And it isn’t about handing off the duties to an IT person as another responsibility. It’s much more holistic.
Length: 2 pages (PDF 92 kB)