Issue link: https://beckershealthcare.uberflip.com/i/806232
54 CIO / HEALTH IT 23 Ideas to Boost Cybersecurity at Your Hospital in the Next 60 Minutes By Molly Gamble and Emily Rappleye H ospital and health system CIOs don't need to figure out how to implement a blockchain solution to enhance cyber- security at their organizations just yet — there are many simpler things they can do first, ac- cording to HIMSS17 attendees. We asked several attendees and vendors in Orlando, Fla., this: What is one simple thing a health system CIO can do in the next hour to improve cybersecurity at their organization? Here are their tips. (Responses are lightly edit- ed for length and clarity.) Francis "FX" X. Campion, MD, CMO, Ayasdi (Palo Alto, Calif.): "Understanding variants is key … We refer to it as 'anomaly detection,' but there is a new wave of smart in- formation tools to assist in understanding, at the periphery of your organization, where the leaks are and where the abnormal behavior is. It's adopting the next intrusion detection." Adam Klass, Chief Technology Officer, Vig- ilanz (Minneapolis): "ey could take a look at their [disaster recovery] plan ... and ensure good password protection is going on within their organization, but that might take more than an hour. Just establish a security culture in general. You can have all these great things in place, but if the culture isn't embracing that, it's certainly something you need to get your hands around." Ian McCrae, CEO, Orion Health (Auckland, New Zealand): "A lot of hospital systems are managed on low budgets [and] have poor se- curity. I think they are very vulnerable. ere are so many services and things you can do … but if you want to secure your system, you have to do it in the cloud. It is a lot of work." Hemant Goel, President, Spok (Eden Prai- rie, Minn.): "e biggest hole in security is people. Educate your people. One of the black-hat guys, Kevin Mitnick, who is known for his cyber hacking, is a perfect example. He takes a $60 VPN token, buys it … he sets up Google free Wi-Fi [with it] out of his back- pack at Starbucks. Now you're at Starbucks and you think it's Google Free WiFi — and he says I've gotten everyone at Starbucks to login and I've gotten all their info. e easiest thing to do is educate people. Make them savvy and understand how easy it is to hack." Andrew Mellin, MD, CMO, Spok (Spring- field, Va.): "Send out a phishing email that you generate yourself and see how many peo- ple respond." Paul Bradley, Chief Data Scientist, ZirMed (Chicago): "I recently had a long talk with our director of security. He made me aware that right now the attacks most hackers take to get inside are not directly through a firewall. ey are going to send people at your company mes- sages that look really familiar to them that are phishing schemes. ey'll get you to click on a link that will download some malware to your machine. We do a lot of training with our em- ployees to be aware of this. If anything looks suspicious, don't click it and forward it on. At hospitals and health systems too, those are vectors. We all want to help people and answer questions and it's almost like the bad people are trying to prey on that." James Golden, PhD, Senior Managing Direc- tor of Healthcare Advisory and Healthcare IT Practice, PricewaterhouseCoopers (Hartford, Conn.): "[Get a] next gen firewall and improve reporting from an analytics perspective." Aaron Miri, CIO, Imprivata (Lexington, Mass.): "Make sure that you enforce simple identity management solutions, like complex passwords and making sure that there aren't the 'get-out-of-jail' clauses for people that don't have a password on their phone because they want to access email. Maybe they are a certain type of individual — an executive, a physician — that just didn't want [a password]. at can't be acceptable anymore. en look for other ways to strengthen that presence … Let me put it this way. If you are homeowner and you don't lock your front door, and somebody breaks in when you are not home … Whose fault is that? Lock your front door. And then get a security system and double locks, or whatever you need to do. But at least lock your front door." Rod Piechowski, Senior Director, Health Information Systems, HIMSS (Chicago): "Leadership comes from the top. If executive leadership at an organization believes fully in 16 Statistics on Current Salary, Benefits for Health IT Professionals By Anuja Vaidya M ost health IT professionals earn between $100,000 and $119,999 per year, and 46 percent expect a pay raise over the coming year, according to Healthcare IT Market Report 2017: Trends Edition, developed by Pivot Point Consulting, a Vaco Company. The company surveyed 832 health IT professionals from across the United States. Here are 11 statistics on current sala- ry ranges for health IT professionals: • Less than $50,000: 2 percent • $50,000 - $69,999: 13 percent • $70,000 - $79,999: 13 percent • $80,000 - $89,999: 17 percent • $90,000 - $99,999: 11 percent • $100,000 - $119,999: 24 percent • $120,000 - $129,999: 5 percent • $130,000 - $139,999: 6 percent • $140,000 - $149,999: 2 percent • $150,000 - $159,999: 1 percent • More than $160,000: 6 percent The same report identified the ben- efits typically included in health IT professionals' current package. The top five included benefits, according to the respondents, are: • Medical/vision/dental/life insurance: 82 percent • Tuition assistance/ reimbursement: 56 percent • 401(k) match: 56 percent • Telecommute/remote work: 48 percent • Certification training: 45 percent n