24 months, 12 healthcare facilities, 2 healthcare data facilities, 2 healthcare technology platforms, and 2 active medical devices
ONE Blueprint to secure healthcare assets
Focusing on patient records
Ignoring advanced threats
Patients not protected
This study is laser-focused on protecting patients, by not just identifying the vast array of security challenges in healthcare, but also by articulating the path forward for the providers and business associates to provide better security.
- Dr. Larry Ponemon, The Ponemon Institute
I almost always get questions like this: “Where do I start with fixing Security?” Or: “I just implemented encryption, now what do I do?” Those days are over: here is a blueprint, a roadmap for building and enhancing your security.
- David Finn, Symantec
We recognize the immense political, regulatory, and business challenges that hospitals face in the pursuit of their security mission, so we designed the blueprint to help a healthcare organization navigate that complexity.
- Geoff Gentry, ISE
The industry today is focused almost exclusively on protecting patient records. We set out on this research to determine what are the threats to patients' lives, and how realistic are those threats. We found those threats to be very real, and worse still the industry is ill prepared to effectively deal with them. We hope this blueprint can move things in the right direction.
- Steve Bono, ISE
We found egregious business shortcomings in every hospital, including insufficient funding, insufficient staffing, insufficient training, lack of policy, lack of network awareness, and many more. These vulnerabilities are a result of systemic business failures.
- Ted Harrington, ISE