EHNAC: Risk Assessments, IoT Security Crucial in Attack Mitigation

In the wake of large-scale data breaches, healthcare must focus on its risk assessments, IoT security approach, and business associate relationships.

Hospitals and healthcare organizations need to keep a strong focus on their risk management and risk assessment process and ensure that any third parties or business associates also have proper security and IT risk management protocols in place, according to Electronic Healthcare Network Accreditation Commission (EHNAC) Executive Director Lee Barrett.

Also a member of the HHS Cybersecurity Task Force, Barrett explained in a recent statement that large-scale data breaches, such as the Equifax data breach, should serve as strong reminders to healthcare organizations that it is “not a matter of if a breach can happen but when.”

“Hospitals and healthcare systems now need to keep their focus on strategies and tactics to mitigate risk and ensure business continuity once a cyberattack occurs,” Barrett said. “Today’s cybercriminal has evolved into a dangerous entity, capable of bringing an organization’s enterprise and business operation to a halt, compounded by long-term financial and reputational hardships – the WannaCry and Petya ransomware attacks from earlier this year are clear examples of the impact this can have on healthcare.”

To read the full article, visit HealthITSecurity.