1. Start with a Cybersecurity Assessment of the Network
Achieving HIPAA compliance is often seen as a marker that personal information is protected. The industry is myopic in terms of this idea, said Mikela Lea, principal field solution architect for CDW, and organizations don’t always take the time to examine the vulnerabilities of their infrastructure.
That’s why insights from an external party are crucial. Speaking earlier this month at a CDW Bring IT On session — held virtually due to the cancellation of the HIMSS20 conference in Orlando, Fla. — Lea explained that third-party security assessments help organizations identify weak points in their networks.
They can also be useful as systems evaluate needs after a merger or acquisition. New homeowners, Lea noted, wouldn’t start out by replacing the roof, plumbing or wiring without evaluating the current state of each one.
“So, why do we treat our networks that way?” Lea said. “Why do we go into an environment and immediately put on the new roof, the new air conditioning, continue to put on all the latest and greatest without ever having someone to come in and make sure that we know where our weaknesses are?”