How To Include Cybersecurity In Your Privacy Impact Assessment
Keeping information safe and secure has been a challenging development for businesses of all sizes over the last few years. Remote working and using cloud-hosted services forced healthcare practices to change, or at least re-examine, their cybersecurity practices and protocols.
According to CyberEdge’s Cyberthreat Defense Report, 85% of organizations suffered from a successful cyberattack in 2021.
A privacy impact assessment (PIA) is an important tool to help understand the risks to patient health information and your healthcare business.
Does Your PIA Include Cybersecurity Risks and Mitigation Plan?
You should review your PIA regularly, at least annually, and update your risk mitigation plans when there is a change in your administrative, technical, or physical practices. You also need to consider that the threat environment external to your business, like the increasing risk of cybersecurity vulnerabilities, can damage your business.
In Episode #107 of the Practice Management Nuggets Podcast, Jean L. Eaton, Practical Privacy Coach with Information Managers, shows us how to include cybersecurity risks in your PIA.
In this episode, I’m going to help you with understanding how to include Cybersecurity in your Privacy Impact Assessment.
- Understand the risks to patient care and treatment, your business
- How to get started – policies, procedures
- Select a vendor
- Train
- PIA
- Monitor
Show Notes
Introduction Jean L. Eaton
02:30 Cybersecurity in Your PIA
October is Cybersecurity Awareness month! #BeCyberSmart
NIST defines cybersecurity as the ability to protect or to defend the use of cyberspace from cyber attacks.
Understand the risks to patient care and treatment, your business
Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP)
CyberEdge’s Cyberthreat Defense Report
08:05 Framework – How to get started – policies, procedures
10:57 Select a vendor
Information Management Agreement
Transfer risk, but the custodian (healthcare provider) assumes the responsibility for the information that you collect, use, and disclose.
See Practice Management Nuggets Podcast for Your Healthcare Providers, What Healthcare Practices Should Know About Vendor Vetting And Accountability | Episode #085 with guest expert Donna Grindle, for tips to help you with this step.
16:24 Train – onboard, 4 times a year, change in roles
20:48 Myla.training Cybersecurity Essentials for Dental Teams 2022
21:49 Risk Assessment
Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP)
Technical Volume 1: Cybersecurity Practices for Small Health Care Organizations
24:00 Monitor – Privacy Officer
I am honoured that you choose to spend your time with me today. Thank you for the opportunity to share my obsession about privacy, confidentiality and security with you!
Jean L. Eaton, Your Practical Privacy Coach
and Your Practice Management Mentor
with Information Managers Ltd.