Cybersecurity and Risk Advisory Services

Cyberattacks are increasing against hospitals and health systems, including frequent high-impact ransomware attacks, which disrupt delivery of patient care and risk patient safety. Cybersecurity vulnerabilities and intrusions pose risks to every hospital. While there are significant benefits for care delivery and organizational efficiency from the expanded use of networked technology and electronic exchange of health information, this greater connectivity increases exposure to potential cybersecurity threats. Our goal is to help AHA members to mitigate the many cyber and physical risks hospitals and health systems face every day.

Hospital C-suite and other senior leaders shouldn’t view cybersecurity as a purely technical issue falling solely under the domain of their IT departments. Rather, it’s critical to view cybersecurity as a patient safety, enterprise risk and strategic priority — and instill it into the hospital’s existing enterprise, risk-management, governance and business-continuity framework. Our goal is to help AHA members understand cyber risk goes far beyond an IT risk and responsibility and should be addressed in the enterprise risk management framework that encompasses patient care and safety, financial, legal, regulatory, operational, privacy, reputational and strategic risks.

What are best practices for preparing for cyber and risk incidents? What do you need to do once an incident strikes? Our goal is to be powerful resource for AHA members to guide them through the development of their strategic approaches to prevent, prepare for and mitigate potential cyber risk and attacks.

Preparing for and responding to cyberthreats often requires interaction with the government, law enforcement and the intelligence community. Our goal is to serve as expert advisor and be the connection between AHA members and government agencies as they experience and recover from a cyberattack.