At certain points in history, it becomes apparent that the only way to solve a major question or overcome a monumental challenge is to change our governing perspectives on the matter. These paradigm shifts are sparked by discoveries like the roundness of the earth and the centrality of the sun within the solar system. The concept is astonishingly simple: once we change the way we look at a problem, we may find the key to solving it. Such a paradigm shift might serve the complex and increasingly chaotic realm of healthcare data security.
Beyond the Security Team
In a recent interview posted at Healthcare & IT News his upcoming keynote appearance at Boston’s Privacy & Security Forum, Texas Health Resources CIO Ed Marx explains his organization’s macro-focus on healthcare privacy and security as taking the stand that security is “everyone’s responsibility.”
Instead of taking a laissez-faire approach to the issue and trusting that the IT department is running interference for the entire 25-hospital healthcare system, Marx asks his 24,000-strong workforce to look at security as an all-in proposition. Texas Health is fostering an atmosphere of vigilance amongst the entire employee team, not just the security professionals. This “culture of security” requires yearly training sessions and proficiency tests to drive home the company-wide commitment of increasing security and protecting patient records.
Never Break the Chain
This revolutionary approach to protecting personal health information goes beyond just enlisting workers in the common cause. initiative, Marx also overhauled the chains of command within his organization and formed a security task force with reporting duties to the health system’s board of directors.
Visibility and accountability are primary drivers to security at Texas Health: “We have a direct line of sight from the chairman of the board, who sits on the committee, all the way down to the individual employee.” Marx continues, “When we need support, we get it because we have this governance council for security and straight access to the board.” It’s obvious that Marx and his team mean business, a mindset that patients should appreciate considering the risky state of security affairs at many other healthcare organizations nationwide.
At such a crucial time in the healthcare security realm, when many organizations lack direction while risk to consumer personal health information grows increasingly higher, perhaps this thinking will inspire a much-needed healthcare security paradigm shift.
Written by Dean Van Dyke
Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsurcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.