Why ASCs should review their cybersecurity programs

Shelly Harvill, a cybersecurity governance and compliance consultant at Agio, advises investors evaluating ASCs to routinely review the organization's security program and whether it's had any breach activity.

With this in mind, Ms. Harvill shared the following advice for ASC administrators:

"We recommend that ASC administrators seek out a comprehensive third-party evaluation of their security program, including a thorough review of their security and privacy practices for HIPAA compliance and all state regulations that may apply to their core market areas. By conducting an annual HIPAA Security Risk Assessment that also includes penetration testing — a simulated cyber-attack on a computer system to evaluate its security features — the organization can identify any technical and physical control gaps and put a plan in place for remediation.

Another vital step in every Security Risk Assessment is a thorough review of the organization's policy and procedures. Lastly, to minimize financial risk and operational disruption, we recommend all organizations proactively engage a qualified security firm to implement an Incident Response Program that can deploy quickly and mitigate damage when an incident does occur. A qualified IRP team can assist in breach response and reduce the time for the organization to be back to normal operations."

To participate in future Becker's Q&As, contact Angie Stewart at astewart@beckershealthcare.com.

For a deeper dive into ASC industry trends, attend the Becker's 17th Annual Future of Spine + Spine, Orthopedic & Pain Management-Driven ASC in Chicago, June 13-15, 2019. Click here to learn more and register.

More articles on leadership:
HCA Healthcare names CEO to lead surgery centers, 6 hospitals bought from Mission Health: 4 details
Legislator introduces bill to allow nurse practitioners full practice authority in California — 5 insights
3 tips for ASCs in 2019 from a health law attorney

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Webinars

Featured Whitepapers