From the bedside to data centers, healthcare requires teamwork to ensure the highest quality of care. This has become increasingly clear when it comes to securing valuable healthcare data.
As vice president of IT at Fountain Valley, Calif.-based MemorialCare, Kevin Torres also oversees the chief technology officer and CISO functions. Through key partnerships, Torres and his team have strengthened cybersecurity at the organization. At MemorialCare’s Technology and Training Center, they can also now test solutions that enhance care.
“We concentrate on the fundamentals,” Torres says. “We react quickly to the changing environment from a cybersecurity standpoint. If we see a threat and there’s something that we can do about it, we act immediately and quickly.”
Torres discussed MemorialCare’s cloud journey and what makes security partnerships a transformative asset in healthcare.
WATCH NOW: CDW helps MemorialCare protect its valuable healthcare data.
HEALTHTECH: How are you validating your cybersecurity program as a whole?
TORRES: We like to compare ourselves with our peers in the industry. Sometimes it's just by conversing with other organizations; other times, it's participating in national benchmarks, such as the annual benchmarking sponsored by the American Hospital Association. That gives us a good evaluation of how we stack up to our peers. What are we doing right and where can we improve our cybersecurity posture? Our partner, because they have a line of sight into so many different healthcare organizations, can also evaluate how we stack up to our peers.
HEALTHTECH: How is your organization adapting to the ever-changing cybersecurity landscape?
TORRES: We take a fundamental approach to our cybersecurity program. We follow the National Institute of Standards and Technology framework like most health systems do, but we concentrate our efforts on the basics. We monitor our systems to make sure that we have a really good program, to make sure that we’re capturing all of those events, and then we have a 24/7 security information and event management (SIEM) system that allows us to manage that remotely and constantly throughout the day to see if there are any adverse events that occur.
There are always opportunities for improvement, but I think we have a solid staff and a good cybersecurity program based on leadership. We concentrate on our cybersecurity not from a technology solution standpoint but from the standpoint of overall risk to the organization.
We use recommendations from CDW when it’s saying, “Hey, look at what’s going on in the industry. You might want to implement these tools or these processes.” We listen carefully and then we implement, and we don’t mess around. I think that our reaction time is what keeps us at the forefront of having a very strong cybersecurity program.
Click the banner below to dive deeper into zero trust and its benefits for healthcare.