Rethinking Healthcare Security as a Cost Center – #HITsm Chat Topic

We’re excited to share the topic and questions for this week’s #HITsm chat happening Friday, 9/4 at Noon ET (9 AM PT). This week’s chat will be hosted by Mich Parker, CISO (@mitchparkerciso) on the topic of “Rethinking Healthcare Security as a Cost Center“.

Healthcare Information Security has been considered a nice-to-have.  With all of the other pressures on organizational budgets, specifically with implementation of Electronic Medical Records systems, this was always second.  The changes to EMR systems to facilitate patients getting access to their own records, either via patient portals or FHIR APIs, has now made it a primary priority to protect patient records.  Conventional business models used to measure security put it as a cost center, along with items such as coffee, rent, and office supplies.

With the move toward patient-centric technologies, we need to rethink information security’s role as a cost center.  Reframing it as a benefit per patient helps us rethink the magnitude of the program’s effects.  This also helps us think of it as an investment in protecting our patients, which is the ultimate goal.

Information Security is the extension of the mission of the organization.  Treating it like coffee or staplers means that you don’t prioritize it, and therefore the overall goals.  We can better meet them by looking at the cost of protection per patient, not cost per tool or product.

Join us for this week’s HITsm chat, as we discuss health equity.

Topics for this week’s #HITsm Chat:

T1: Does your organization utilize patient portals or FHIR APIs yet? Do you plan to? #HITsm

T2: Does your organization have a budgeted information security resource? #HITsm

T3: Do you have a budgeted privacy resource? Do you use a patient privacy monitoring system? #HITsm

T4: Do you regularly scan and monitor your external-facing systems for vulnerabilities? #HITsm

T5: Do your risk assessments address technical risks? #HITsm

Bonus: Have you addressed most of the open items in your technical risk assessments? If not, when do you plan on doing so? #HITsm

Upcoming #HITsm Chat Schedule

9/11 – Losing Connection with Patients During COVID-19
Hosted by Sarah Bennight (@SarahBennight) from @StericycleComms

9/18 – The Role of AI Technology in Healthcare and the Changes It Will Bring
Hosted by Stephanie Guadian (@StephanieG_ECG) and Alexia Severson (@AlexiaS_ECG) from @ElectronicCare

9/25 – Telehealth and Post Acute Care
Hosted by Dr. Jay LaBine (@labinejay) and Dr. Kris Smith from @naviHealthPAC

10/2 – TBD
Hosted by TBD

10/9 – What Do Patients Expect Now?
Hosted by Tim Dybvig (@timdybvig) from @ExperityHealth

We look forward to learning from the #HITsm community! As always, let us know if you’d like to host a future #HITsm chat or if you know someone you think we should invite to host.

If you’re searching for the latest #HITsm chat, you can always find the latest #HITsm chat and schedule of chats here.

About the author

John Lynn

John Lynn

John Lynn is the Founder of, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference,, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.