Experts Advise Adopting Risk-Based Approach to Cybersecurity

November 28, 2014 | Strategic Insights for Ambulatory Care


​Simply meeting the privacy and security requirements mandated by the Health Insurance Portability and Accountability Act (HIPAA) is not enough to protect health data from breaches, states a November 7, 2014, article in the Wall Street Journal. Healthcare organizations can do more to prevent breaches, such as by assessing and prioritizing cyber-security risks, according to Jim Routh, chief information security officer at Aetna Inc. "Cybersecurity threats change every 30 days," said Routh. Meanwhile, the regulatory frameworks intended to protect sensitive data have been in development for almost two decades. "They're not designed to be responsive to the changes in the threat landscape," said Routh.

Access Full Content

Contact us today at 610.825.6000.