3rd Party Risk Management , Access Management , Business Continuity Management / Disaster Recovery

Why a Zero Trust Approach in Healthcare Is Becoming Critical

Erik Decker, CISO of Intermountain Healthcare, Discusses Evolving Trends
Erik Decker, CISO, Intermountain Healthcare

Healthcare sector entities increasingly need to implement a zero trust approach with their security, says federal adviser Erik Decker, CISO of Intermountain Healthcare.

See Also: Now OnDemand | C-Suite Round-up: Connecting the Dots Between OT and Identity

"That is the future of where we are going within healthcare … Making sure that that is in your plans is important," he says in an interview with Information Security Media Group.

"Zero trust is more of a philosophy than anything else - it's an integration of a lot of different architecture and systems … that have to work in concert with each other," says Decker, who is a speaker at the Healthcare Information Management and Systems Society 2022 conference taking place in Orlando, Florida on March 14-18.

Vital components for bolstering ID and access management in healthcare include multifactor authentication and "on the fly" dynamic identity proofing, he says.

He also says building user profiles for what is considered to be "normal access" for individual users is becoming essential.

In the video interview, Decker also discusses:

  • Potential cybersecurity implications and incident response considerations pertaining to the Ukraine-Russia war on the healthcare sector;
  • Evolving cybercrime threats and other worrisome concerns facing healthcare;
  • Where healthcare cybersecurity is headed post-pandemic.

Decker is the CISO for Intermountain Healthcare, a multistate integrated delivery network based in Salt Lake City, Utah. He is currently co-leader of an HHS task group of more than 250 industry and government experts across the country for implementing the Cybersecurity Act of 2015, 405D legislation within the healthcare sector. Decker was previously CISO and chief privacy officer at the University of Chicago Medicine.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.