With increasing demands on healthcare organizations to quickly accommodate a surge of teleworking employees as a result of the COVID-19 pandemic, IT and information security departments need to exercise security vigilance, says former healthcare CIO Drex DeFord.
“Being in a hurry is a recipe for a cybersecurity problems now or in the future,” he says in an interview with Information Security Media Group.
“Certainly, I’m a big fan of cutting through red tape, and if we can cut through it, let’s reduce the cycles it takes to get things done,” he says. “But a lot of the red tape – especially in the world of cybersecurity – is there for a specific purpose and we need to pay attention to it.
Ensuring Proper Access
A lot of organizations are bringing on temporary nurses, and making sure they have proper access to systems is “incredibly important,” he says.
“We’ve always had individuals who worked at home, but the sheer increase – this crisis-driven remote-work demand – may be enough to overwhelm the work infrastructure that health systems have,” he says.
“It may cause them to have emergency purchases of equipment and emergency installation of hardware and software. The punch line is be very thoughtful in this crisis – the sense of urgency sometimes creates a potential for openings that can be exploited by cybercriminals or landmines you may just step on later.”
In this interview (see audio link below photo), DeFord also discusses:
- Creating “work-at-home kits” that include equipment and “how-to processes”;
- How to address privacy and security challenges for healthcare telework;
- The types of healthcare workers who are candidates for telework;
- Other security and privacy considerations in dealing with the COVID-19 crisis.
DeFord is healthcare executive strategist for Seattle, Wash.-based security services firm CI Security. He is former CIO at number of organizations, including Scripps Health, Seattle Children’s hospital, Steward Healthcare and the U.S. Air Force. DeFord was also previously chair of the College of Healthcare Information Management Executives’ board of trustees.