Mac McMillan joined the Healthcare Informatics podcast to talk the year in data security, while dishing out some predictions for 2015. To McMillan, who is co-founder and CEO of consulting firm, CynergisTek, Inc. and current chair of the HIMSS Privacy & Security Policy Task Force, 2014 was the year of the incident.
“Healthcare took it on the chin this year,” McMillan said to podcast host, Senior Editor Gabriel Perna. “The threat community came after the healthcare industry in a much more dedicated fashion and I think we saw some new wrinkles in the challenges that CIOs and IT teams have to contend with.”
In particular, McMillan discussed the hacking and advanced data security threats that healthcare organizations faced in 2014. High-profile hacks of heallth systems, such as the one that affected Community Health, heightened the awareness for hospital and health system CIOs, McMillan said.
“We saw it in the retail sector and the finance sector, with credit cards, and it hadn't come home to roost in healthcare until this year,” McMillan said. “You look at the breach that occurred at Community Health and it was kind of a wakeup call for a lot of folks.”
One area that was quiet in 2014 for data security was in terms of legislation. With a new Congress and the near-end of President Obama's second term, and unfilled positions at the Office of Civil Rights (OCR), McMillan says 2015 will be similarly stable on this front.
As to what he thinks will happen? McMillan laid out several predictions for Perna. He said there will be an uptick in providers who undertake security environment assessments and analyses of their systems; more investments in data loss prevention software solutions; and a continued move towards managed security services.
“This year we saw an uptick in the number of folks that were saying, 'I want someone to partner with on this, I want someone I can count on. There are a number of things I don't feel comfortable doing on my own,'” McMillan said.
McMillan also blogged about the year in data security for Healthcare Informatics.