In this post Marc Probst, vice president and CIO at Intermountain Healthcare, argues that a new approach to healthcare data security needs to be taken. This approach would, “curtail the current “audits and penalties” approach and work together to fix the root of the problem by building an infrastructure that can truly protect this sensitive data.”
Probst argues that as data becomes digitized and stored electronically we shouldn’t argue over security responsibilities through penalties associated with current regulatory process. Instead Probst states that sharing data, “means acknowledging and sharing the risks inherent in protecting that data while maintaining a unified front against threats.” He argues that this audit and penalize process takes up a vast amount of time, effort and money, all of which could have been been spent focusing on better cybersecurity practices.
Instead, Probst proposes collaboration between the healthcare industry and the government to jointly solve the problem. Probst’s offers six recommendations to improve data security including healthcare security forums to improve education, joint reviews of critical security risks, gaps in the industry, and best practices for remediation and more.