Healthcare Cybersecurity: Plenty of Work to DoAmit Trivedi of HIMSS on the Top Challenges Facing Healthcare
Even though the healthcare sector is clearly a major target for disruptive cyberattacks, many organizations have yet to take the necessary steps to prevent intrusions or respond to incidents, says Amit Trivedi, a director at the Healthcare Information and Management Systems Society.
The healthcare industry is frequently targeted by cyberattacks that involve social engineering, phishing, denial of service and ransomware, he says in a video interview with Information Security Media Group, ahead of the HIMSS 2021 conference, to be held Aug. 9-13 in Las Vegas.
"In healthcare, [organizations] are being caught unprepared. And when we have incidents that lead to denial of service, they're directly impacting patient safety, since essential services are being taken offline, redirected or compromised," he says.
Lack of Resources
Too many healthcare organizations lack resources dedicated to cybersecurity, he says.
"If you look more specifically within public health agencies and the public health infrastructure - where there's definitely a need for focus and improvement - cybersecurity is going to be a top challenge, along with modernization and overall technology improvements."
In this video interview, Trivedi also discusses:
- Federal regulations that aim to help improve the security of health information exchange, including the 21st Century Cures Act's information blocking rule;
- Industry collaboration around health information exchange;
- Top cybersecurity issues facing the healthcare sector in the months ahead.
As the director of informatics and health IT standards at HIMSS, Trivedi is responsible for directing and coordinating the organization's interoperability strategy across the standards ecosystem. His efforts focus on fostering industry collaborations to advance the secure, private and interoperable exchange of health information. Trivedi formerly was program manager at ICSA Labs, a division of Verizon, which is an authorized certification body that tests and certifies that health IT technology meets federal HITECH Act requirements.