From: http://labs.sogeti.com/cyber-security-framework-healthcare/
Abstract – As with any other sector, the healthcare industry is prone to cyber threats. Though the nature of the threats is similar to that in other industries, healthcare does need to address sector-specific risks along with security risks in its operating environments.
With healthcare organizations increasingly needing to reassure their customers and regulators that their devices incorporate adequate security measures, there is a growing demand to bring their organization’s security into compliance with various recognized security frameworks and standards.
Though numerous standards and frameworks are available in the market, selecting the right framework to meet the organization’s needs has become a challenge, as organizations have to deal with various concerns related to these frameworks, such as standard inconsistencies, lack of prescriptiveness, compliance, cost, complexity, and certifications.
The paper addresses some of the challenges faced by healthcare organizations in the selection of a security framework by reviewing some of the common standards and frameworks that are used by healthcare organizations around the world. The paper also highlights the advantages and disadvantages of each framework and offers guidance for organizations to select the right framework for their compliance and certification needs.
Key Terms – ISO, HITRUST, Security Framework, NIST CSF, HIPAA, RMF