Making Cyber Risk an Enterprise Risk Management Concern
Cyber risk does not exist in isolation. A successful cyberattack doesn’t just threaten your organization’s protected health information or other sensitive data; cyber risk is inextricably linked to the other risks your organization faces. A successful cyberattack could trigger an enforcement action by a regulatory body, such as the Office for Civil Rights or the Federal Trade Commission. A ransomware attack could lead to business interruption and an expensive payoff to resume operations. Other consequences might include damage to your organization’s reputation, lost patients and revenues, a medical malpractice lawsuit or a negligence lawsuit against C-suite executives and board members.
Downstream, the consequences can also turn into talent acquisition challenges, higher cost of capital and higher insurance premiums. An adverse cyber event can result in serious negative financial, regulatory, reputational, and clinical consequences.
Drawing on his nearly 40 years of experience supporting hundreds of hospitals and health systems with compliance risk management and cyber risk management initiatives, Bob Chaput discusses the important collaboration between the Chief Risk Officer and the Chief Information Security Officer in developing a more comprehensive enterprise cyber risk management strategy for securing healthcare data, system and devices that is part of the organization’s broader Enterprise Risk Management program.
Downstream, the consequences can also turn into talent acquisition challenges, higher cost of capital and higher insurance premiums. An adverse cyber event can result in serious negative financial, regulatory, reputational, and clinical consequences.
Drawing on his nearly 40 years of experience supporting hundreds of hospitals and health systems with compliance risk management and cyber risk management initiatives, Bob Chaput discusses the important collaboration between the Chief Risk Officer and the Chief Information Security Officer in developing a more comprehensive enterprise cyber risk management strategy for securing healthcare data, system and devices that is part of the organization’s broader Enterprise Risk Management program.
The podcast ASHRM Podcasts is embedded on this page from an open RSS feed. All files, descriptions, artwork and other metadata from the RSS-feed is the property of the podcast owner and not affiliated with or validated by Podplay.