Culture Club: Creating a Culture of Information Security and Compliance

About the Podcast: The CyberPHIx is a regular audio podcast series that reports and presents expert viewpoints on data security strategy for organizations handling patient health or personal information in the delivery of health-related services. These timely programs cover trends and data security management issues such as cybersecurity risk management, HIPAA and OCR compliance strategy and vendor risk management. Meditology Services, the healthcare industry's leading security and compliance firm, moderates the discussions with leaders in healthcare data security.

This CyberPHIx podcast examines one veteran healthcare compliance officer’s experience in changing the organizational culture to integrate security and compliance with the core business.

Listen as Lauret Howard, former Chief Risk Officer for BCBS of Michigan and current CEO of Watchtower Consulting, speaks with Meditology Services ITRM Partner Brian Selfridge about the following topics:

  • Shifting business priorities to include information security as a top-level issue.
  • Synchronizing security, privacy and compliance functions, roles and responsibilities.
  • Evolution of cybersecurity as a business function and a defined role within healthcare organizations.
  • Establishing accountability for cybersecurity, physical security, and information security at all levels.
  • Establishing audit processes and certifications to evaluate security efficacy and progress.
  • Pitfalls and sure-fire ways to kill a security or privacy program.