CISO Connie Barrera: Don't forget about cybersecurity basics


Having simple protections in place is key to keeping health data safe, says Jackson Health System Chief Information Security Officer Connie Barrera, but often the complexity of cybersecurity can make organizations forget about the basics.

Barrera outlines some of those tried and true policies in a post at They include:

  1. Yearly testing. An outside provider should test systems and programs for vulnerabilities at least once a year, she writes, and can also bring a fresh perspective to the table.
  2. Monthly vulnerability scanning. Having a simple scanning solution to check for issues is an “extremely viable” resource, she says. This will help organizations easily see risks and have the ability to quickly fix them.
  3. Consistent IT employee training. Barrera says often it’s assumed that IT people know how to deal with every kind of issue, but that’s not necessarily true. “The business should not leave competence to chance,” she says. “[O]rganizations can’t send every single person to training, but we need to do a better job in this area.”

Rick Kam, president and cofounder of ID Experts, told FierceHealthIT in May that lax cybersecurity often boils down to the issue of accountability.


Driving Engagement in an Evolving Healthcare Ecosystem

Deep-dive into evolving consumer expectations in healthcare today and how leading providers are shaping their infrastructure to connect with patients through virtual care.

“Someone has to take responsibility to make sure risk assessments are done and there has to be follow-through on the appropriate investments to make sure data is secure," he said. "Organizations are making investments, but they seem not to be making them in a way that's reducing the problem."

Suggested Articles

Walmart has tapped Cambia Health Solutions' Cheryl Pegus, M.D., to serve as its new executive vice president of health and wellness.

Cleveland Clinic posted a $49 million profit after the first nine months of the year as COVID-19 hampered the system's finances.

Andor Health just landed an investment from Microsoft's venture arm to expand its AI-powered virtual health program.