When Cyber Risk Becomes a Critical Risk in Health Care

In a Risk & Insurance article, Woods Rogers Principal and healthcare attorney Liz Heddleston provides insights into the cybersecurity vulnerabilities facing today’s healthcare providers. With data breaches creating far-reaching financial and legal consequences across every corner of the industry, the need to protect sensitive data is no longer just a compliance exercise but a core business imperative.

Liz told the publication in an interview, “Because of their sophistication and how interconnected healthcare systems and vendors and workflows are, we consider it enterprise risk. It’s not just about your IT security, but also data governance, frontline employees, vendors, and really the whole gamut of the organization.”

Liz told Risk & Insurance that a common issue is an organization detecting an intrusion but underreacting, relying solely on the IT team to fix it. Often, she says, the problem metastasizes into a full-scale ransomware attack after it is deemed “contained.”

Ultimately, the most successful and well-protected organizations are those that treat cybersecurity as a holistic concern.

Read Risk & Insurance’s look at these enterprise-wide resilience challenges here.