Staying Secure in a Rapidly Changing Digital World



With the end of 2022 in sight, let’s look at a major concern healthcare providers and business associates will be facing in the new year: prioritizing and implementing effective security in a digitally transforming ecosystem. We’ve seen the increasing danger over the past 12 months as organization after organization fell victim to sophisticated cyberattacks. What do we need to know to be able to protect ourselves in the future?

At the HIMSS Healthcare Cybersecurity Forum in Boston this week, “Forrester experts Alla Valente and Kara Wilson presented security trends that have the potential to disrupt healthcare security and privacy,” along with recommendations for avoiding these risks.

The COVID-19 pandemic highlighted two different realities in healthcare. On the one side, the industry according to Valente is “transformative, advanced and disruptive.” We saw this in the incredible speed at which providers were able to shift to providing remote care during a hectic and critical time. On the other side, we’ve seen gaps in provider security grow wider as security and privacy practices fall behind healthcare innovation.

The innovation we’ve seen in the last few years isn’t a bad thing. Valente and Wilson agree that this rapid digitalization of healthcare as a result of a global crisis was something that had an enormously positive impact on the industry. Opportunities opened as a result of this pivoting that would otherwise have appeared much less feasible. In fact, we’ve seen a change in consumer demand as patients begin to prefer remote care options.

With that being said, it’s so important for you as someone who serves patients and handles protected information to be practicing good cybersecurity. As Wilson recommended: “Recognize that compliance is your floor. It is not your ceiling.” While complying with basic HIPAA requirements is an essential place for organizations to start, it is not where an organization should finish.

The experts provided these three pieces of advice for healthcare providers:

  1. Think beyond the walls of your facility to external risk factors, “such as the speed of innovation, economic uncertainty, and climate change,” and consider the risks presented by each of these.

  2. Prioritize security training for employees, especially as more staff are working remotely or using digital devices in their day-to-day jobs.

  3. Improve third-party risk management tactics, as your organization faces increased third-party risk.


If you have questions about compliance requirements or cybersecurity best practices, feel free to contact your team at Medcurity.