Detecting and Responding to Cyber Attacks

Subscribe on your favorite platform:

About the Podcast: The CyberPHIx is a regular audio podcast series that reports and presents expert viewpoints on data security strategy for organizations handling patient health or personal information in the delivery of health-related services. These timely programs cover trends and data security management issues such as cybersecurity risk management, HIPAA and OCR compliance strategy and vendor risk management. Meditology Services, the healthcare industry's leading security and compliance firm, moderates the discussions with leaders in healthcare data security.

The FBI reported last year that the average dwell time for hackers in the healthcare environment is 270 days before they are detected. Identifying and dealing with potential security gaps is especially important during security due diligence of new entities.

Learn ways that security time gap can be closed in this episode of The CyberPHIx with Peter Merrill, Director of Information Security at Dartmouth/Hitchcock Health Care System and Meditology Services ITRM Partner Brian Selfridge.

Our discussion with Peter touches on the following topics regarding security due diligence of merged and affiliated entities:

  • Maintaining good security measures is a good business practice whether or not your organization is acquiring or integrating a new entity.
  • Learn which security projects to prioritize when affiliating and integrating a new entity.
  • Create a security program that balances the organization’s culture and preference for techniques used in ethical hacking with other security due diligence methods.
  • How to deal with different security approaches within affiliated entities.