top of page
shutterstock_2254980631.jpg

Healthcare

Cybersecurity for

Screenshot (331).png

Cybersecurity in healthcare is crucial to safeguard the integrity of medical systems, avoiding clinical disruption potentially resulting in patient harm.

Hospital breaches are increasing in frequency and scale at an alarming rate

40-2.png
104-2.png
57-2.png

Cyberattacks involved over 40M individual patient records in the first half of 2023

1

1

Attacks are up 104% from the second half of 2022 to the

first half of 2023

1

2

57% of healthcare providers reported negative patient outcomes due to cyberattacks

The problem is complex and focuses on three primary areas

people-2.png

Hospital

Personnel

​

through phishing, ransomware and other human-centered means

System

Vulnerabilities

​

hospital infrastructure

and security operations deficiencies

Resiliency

Challenges

​

HIPAA, HHS 405(d)/HICP, and other patient-centric goals and challenges

WE HELP YOU NAVIGATE THE COMPLEXITIES OF PERSONNEL MANAGMENT, SECURITY OPERATIONS AND RESILIENCY

image.png

We will build a robust security framework across these eight critical areas - safeguarding both patient data and the integrity of healthcare delivery.

Managing Risk

Developing a risk profile that 

best supports both clinical and non-clinical operations

Policy Creation

Authoring internal and external policies and SOPs guided by HIPAA and HPH-CPGs

Implementing Safeguards

Establishing security controls for infrastructure guided by HICP and in support of patient safety

Vendor Management

Executing supplier assessments & building SLAs for both cloud and medical devices

Measuring Effectiveness

Performing gap analysis against common hospital security control frameworks

Incident Response Planning

Identifying, mitigating, communicating, and reporting EMR and other system breaches

Staff Security Training

Developing clinical and admin employee awareness training and evaluation programs

Cyber Governance

Reporting to hospital technical and operational executives and boards & trustees

OUR PROCESS

fgnxfbzv.png

1. Assessment

2. Buildout

3. Transition

In this initial phase, Security Counsel will conduct research, evaluate current systems and processes and create a strategy framework to guide the execution of subsequent phases.

In Phase 2, we will create the foundation of the security program and implement new SOPs. We will iteratively assess, refine, and report on the security plan until it is running smoothly and is self-sustaining.

Finally, we will transition the program to your organization by helping you hire and train your security team and provide ongoing mentoring & on-call support as needed.

FROM THE LEADERSHIP

"We understand the biggest security challenges plaguing healthcare today. We can create and support a security program that solves your most urgent problems in order to prevent healthcare delivery interruption and to support compliance."

mattt.png

Matt DeChant

CEO, vCISO

Security Counsel can help you interpret and implement the new HPH-CPG guidelines - we have provided a summary document for review.

​

The full document: Healthcare Sector Cybersecurity – Introduction to the strategy of the U.S. Department of Health and Human Services 

Statistical Sources:

1. Richard Payerchin - Computer attacks in health care are booming so far in 2023 Medical Economics – August 9, 2023 

2. Brian Foy – The Outlook for Healthcare Cybersecurity in 2023 – Security – January 6, 2023 

bottom of page