How health IT organizations are using security as a competitive advantage

When speaking with our health IT clients, I’m hearing a distinct shift when it comes to cybersecurity. They no longer view it as an IT cost; they understand how it can facilitate growth, create competitive advantage and build trust in their products and brand.

Their executive management is on board with this thinking, too. They don’t want to hear about fear, uncertainty and doubt when it comes to data breaches, hacks and cyber threats, but rather how cybersecurity can help ‘protect the house and the product’ while at the same time enabling the business, customers and partners.

As more products and services in the healthcare continuum are connected, the need to proactively address cybersecurity increases. And as more consumer and business information is generated and shared, data privacy becomes a critical business requirement. This explains why we’re seeing forward-thinking health IT organizations moving to a new model of cybersecurity – one that’s adaptive to evolving risks and threats plus aligns with overall business objectives, such as increased revenue.

The one unifying thing we see with most health IT clients is the cloud. They need to design, build, assess, test and validate architectures and products on the cloud to confidently go to market with secure solutions. They’re finding that as they address cybersecurity in the design and development of products and services, they experience new ways to innovate and move faster. These cloud-integrated solutions can also enhance data privacy and boost customer trust and brand reputation. These are crucial safeguards as consumers are more concerned than ever about how their data is collected and shared.

Organizations aren’t waiting to hear that security program elements to demonstrate customer data protection are a requirement to closing a deal, they’re getting proactive by using cybersecurity as a sales strategy.

They know that threat actors will always be ahead with new tactics and techniques, so they’re being forced to step up their game.  It’s not just about compliance programs like PCI, HIPAA/HITRUST, FedRAMP or SOC reports that prove they’re serious about data protection. Many organizations are implementing additional security measures to ‘protect the house’, such as technical testing conducted on a regular basis to identify vulnerabilities, cyber engineering to fix identified issues, and incident response plans that are tested every six months.

So, what’s the payoff? After continuing to deliver products and services in a secure manner, customers come to trust interaction with certain companies. Security becomes part of the fabric of what these companies offer, which sets them up nicely to build trust into everything they do. And in the end, it’s a huge competitive advantage.

To learn how leading organizations are integrating cybersecurity from the outset, and in recognition of National Health IT Week, Coalfire is hosting a webinar with a panel of health IT executives who will discuss how their security programs have enabled them to better engage with existing customers, attract new ones, and optimize operations, business processes and IT investments.  For more information, or to register, visit http://www2.coalfire.com/SecuringHealthData.

Andrew Hicks is the Managing Principal at Coalfire

Categories: Uncategorized

Tagged as: , ,

4 replies »

  1. Risk management ultimately involves defining an institution’s predictable disasters as a basis to manage the unpredictable disasters. This includes a monitoring process to assess evolving vulnerability and a testing process. As opposed to data processing security, there is no community by community Disaster Mitigation Strategy for an Influenza Pandemic. The CDC folks in Atlanta have make an effort by publishing a “Community Mitigation Guideline to Prevent Pandemic Influenza…” in MMWR Volume 66/Number 1 on April 21, 2017. It seems that the underlying theme is to rely on annual flu shots for a greater number of citizens.
    Remember, the potency of the flu shot varies substantially from year to year, AND there is NO nationally sanctioned process to assure that Primary Healthcare is equitably available to each citizen. So, I ask everyone: “Who will you call on 11-1-2017 when you wake up that morning with a fever, bad cough and suddenly feeling terrible all over?” You have less than 48 hours to start on an effective use of medication to head-off complications of a flu episode. Its all about influenza risk management from November through March, annually. Historically, about 20,000 citizens of the USA die from influenza. I get a flu shot every year.

  2. Consumers rather pay more if they have to for the brand they trust and feel secure with. Great article, thank you!