[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Presbyterian CISO stresses importance of governance
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2013-07-23 6:10:19
Message-ID: alpine.DEB.2.02.1307230610070.22052 () infosecnews ! org
[Download RAW message or body]

http://healthitsecurity.com/2013/07/22/presbyterian-ciso-drives-home-importance-of-governance/

By Patrick Ouellette
Health IT Security
July 22, 2013

Without the right governance in place, a Chief Information Security 
Officer (CISO) is unofficially on their own island with little help from 
the outside, according to Kim Sassaman, CISSP and CISO of Presbyterian 
Healthcare Services of New Mexico. During last Wednesday's Institute for 
Health Technology Transformation (iHT2) "Governance is the Key to 
Enterprise Execution of your Security Program" webinar, Sassaman explained 
why governance can be misinterpreted and how it's applied at Presbyterian.

Sassaman, who is also the Information Security Director, began by 
explaining how Presbyterian is an integrated system, health plan and 
delivery system with eight Hospitals, 80 clinics and 400 employed 
providers. He said that historically, security has to kick open doors but 
that governance is the key to opening closed doors. In the past, according 
to Sassaman, the clinical side thought IT folks were against them and 
didn't know how they could help. Whereas now, the paradigm shift has 
enabled IT to be in the driver's seat and force decisions upon clinical 
staff. In an ideal world, both sides would work in unison.

"You want to get to the point where physicians are embracing the controls 
and policies that you're deploying and they're even the ones championing 
it," he said. "And the best way to do that is governance."

[...]



--
Find the best InfoSec talent without breaking your budget!
Post a Job! $99 for 31 days
http://www.hotinfosecjobs.com/

[prev in list] [next in list] [prev in thread] [next in thread]