We lock our doors when we leave home, and we password protect our devices. This sense of security is baked into our daily lives.
Data security in health care is particularly complex. Consider all of the information that you share with your doctor and your health care team—and then think about all of the high-tech devices and software programs that collect and share information about you. Every lab test, CT scan and prescription involves sensitive data that must be handled and stored securely.
As Christiana Care’s Chief Information Security Officer, staying ahead of security threats and protecting our patients’ privacy is my team’s focus around the clock. But sound cybersecurity strategy is something every business leader should be focused on, and by sharing some of our successful strategies at Christiana Care with you, I hope that it encourages you to look at ways to improve information security in your own organization.
Good cybersecurity begins with executive leadership support. Buy-in from the top of the organization down is necessary for protecting patients and customers. At Christiana Care, we emphasize that information security isn’t primarily about technology—it’s about patient safety. If we don’t do a good job of protecting patients’ information and protecting the systems that care for them, we put those patients at risk.
Including information security as a part of your strategic business planning is essential to your success. At Christiana Care, when we built out a multi-year plan, we built protections into that strategy to be successful. For example, as patients increasingly want the convenience of virtual doctor visits using their smartphones or computers, we’re working to deliver those experiences, but we’re also continually evaluating and anticipating the cybersecurity risks that these new technologies involve. We're being proactive, getting in front of the risk versus reacting to threats after the fact.
Whether your organization is large or small, in today’s world, you need to build an effective cybersecurity strategy. Chances are, your challenges aren’t quite as complex as they are in health care, but if you apply these principles in your thinking, you’ll be on the road to success:
• Understand the business strategy of the organization and align the cybersecurity strategy so it is an enabler to the organization’s business goals.
• Determine where the industry is moving, including the drivers and pressures that are driving the industry towards a particular direction. Design the cybersecurity strategy to not only position business leaders to respond to the emergent landscape, but also to the future of the industry.
• Engage the organization’s leadership in understanding why cybersecurity must be integrated within the fabric of the organization.
• Avoid FUD: fear, uncertainty and doubt.
Whether your business is powered by smartphones and laptops or a sophisticated technology infrastructure, cybersecurity is critical to protecting your customers, your employees and your ability to operate. Take steps now to ensure that security is integral to your strategy and planning.