IT Audits can be both lightweight and effective

IT Audits can be both lightweight and effective

In our last mailing, we wrote about how to talk to management about security.  This time, we will address what to tell them. 

It is easy to cloud the communication channels with too many details, the wrong details, or too much technical focus. Instead, concentrate on what management needs to know about the issue at hand, and what they should know in their capacity as organizational leaders. This will help them understand the problems you (and, by extension, they) are dealing with, and importantly, help you get the organizational support you need to solve them.

Optimizing your health care security spending

Optimizing your health care security spending

We have conducted over 200 security risk assessments for providers of various sizes, from a multi‐state hospital chain to solo practitioners. One common theme that emerges from all of these assessments is that the return on investment (ROI) on information security products is lower than it could be. Simply stated, most health care providers are wasting limited resources to manage their information security.