Like any risk measure, the level of insider risk in a health system is never static, despite the fleeting comfort a snapshot might provide. Thus, it's helpful for security and privacy professionals to contemplate the reasons spikes occur so mitigation measures can be implemented at the right time and place. For example, if we consider that issuing new user credentials increases risk (at least until training and education can have an impact), then hiring, firing, and poorly handled identity and access management can cause insider risk levels to spike. Of course that's not even to mention M&A, which can increase a health system's risk profile by thousands of employees and hundreds of applications from one day to the next. So what's an IT executive or privacy officer to do? In this timely webinar, we'll speak to leaders who are focused on managing insider risk so spikes can be addressed as efficiently as possible, and fines from HHS/OCR avoided.

Source: Identifying & Mitigating Key Drivers of Insider Risk on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.