In recognition of the 19 annual National Cyber Security Awareness Month, The Outcomes Rocket Network has launched a 10-part podcast series to elevate Cyber Security Awareness in Healthcare on our main channel, the Outcomes Rocket Podcast. Partnering with leaders in healthcare cybersecurity in their capacity as members of the Health Sector Coordinating Council, the podcast aims to illuminate advances made in protecting critical healthcare infrastructure and patient safety, and areas that need further focus to put a stop to Cyber Crime.
What are some basic things that we should be doing to combat prevalent threats that healthcare systems are facing?
In this episode, Saul Marquez had a conversation full of valuable information with Erick Decker, Vice President and Chief Information Security Officer for Intermountain Healthcare, and Julie Chua, Director of the Governance, Risk Management, and Compliance division within the HHS Office of Information Security. Healthcare cybersecurity is in critical condition and so members of the healthcare industry and the Health and Human Services (HSS) have joined forces to improve it. After different task force research efforts were made, the Health Industry Cybersecurity Practices (HICP) document was published. Erick and Julie break down what this publication is all about, the process that took place to write it, and its importance as a manual to protect patient safety with cybersecurity. In the end, cyber safety is patient safety, let us not forget that.
Tune in to this episode to learn about the Health Industry Cybersecurity Practices document that will help healthcare organizations and professionals keep their cybersecurity on point!
Erik Decker is the Vice President and Chief Information Security Officer for Intermountain Healthcare, a multi-state integrated delivery network based in Salt Lake City, Utah. Erik has 22 years of experience in Information Technology, with 15 years focused on Information Security.
He serves as the Chairman of the Healthcare Sector Coordinating Council’s Joint Cybersecurity Working Group, which is a critical infrastructure public-private partnership organization covering more than 300 organizations and over 600 members. He also co-leads the Department of Health and Human Services (HHS) 405(d) task group focused on implementing the Cybersecurity Act of 2015, 405D legislation within the Healthcare sector. The publication was released in December 2018, titled “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” (HICP).
Erik has been awarded the ISE® North America Executive: Academic/Public Sector, and the Chicago CISO of the Year. In 2018 he served as an expert witness to the House Committee on Energy and Commerce, Subcommittee on Health. Erik has a Master of Science in Information Technology from Loyola University in Chicago and a Bachelor’s degree from the University of Illinois in Champaign/Urbana in Cell and Structural Biology.
Julie Chua is the Director of the Governance, Risk Management, and Compliance (GRC) Division within the HHS Office of Information Security (OIS), Office of the Chief Information Officer. Julie established a Department-wide cybersecurity risk management program and spearheaded the integration of cybersecurity into HHS’ Enterprise Risk Management framework. She is responsible for high-priority, high-visibility initiatives including the implementation of Executive Order 14028, Improving the Nation’s Cybersecurity, establishment of the HHS High-Value Asset (HVA) Program for the identification, protection, and prioritization of HHS’ most critical high-value assets, and oversees the HHS FedRAMP and Cloud Security Program. Julie is also the Federal Lead for the implementation of the Cybersecurity Act (CSA) of 2015, Section 405(d): Aligning Health Care Security Approaches. This public-private partnership effort has received awards for excellence and contributions to the Health IT and healthcare industry communities. This is one of many HHS cybersecurity initiatives to help push forward the cybersecurity and resiliency of the Healthcare and Public Health (HPH) Sector.
