The “internet increasingly is a swamp,” says Beth Israel Deaconess Medical Center CIO John Halamka in a recorded interview with Information Security Media Group, prompting the prominent CIO to focus in 2014 on what he calls “increased security maturity” throughout the healthcare enterprise.
In the interview, he refers to the recent cyber attacks on Boston hospitals that brought down web sites, congested networks and made internet sites hard to reach and view inside the hospital. For too long, hospitals have operated under what Halamka calls “the Blanche Dubois principle,” that is trusting in the kindness of strangers.
At the top of his priority list are deploying security technologies that address distributed-denial-of-service attacks, medical identity theft, social engineering and malware. The institution also will redouble efforts on HIPAA education and training to protect the institution against federal penalties for compliance failures. “You’re seeing record-setting settlements for simple things like stolen laptops,” he told Information Security Media Group.
Halmaka reveals in the interview that he spends nearly half of his time on security, suggesting that the CIO title stands in some ways for "compliance information officer."