As OCR promises more fines, two CIOs offer tips on risk assessments.
"I don't do risk assessments; I assess risk," said Sharon Finney, corporate data security officer at Adventist Health System, speaking Thursday at the Healthcare IT News/HIMSS Media Privacy & Security Forum in Boston.
There's a difference. One happens on a daily basis. The other might happen a time or two each each year. A risk assessment, said Finney, sounds like something that "has a beginning and an end, and it doesn't."
As OCR promises more fines, two CIOs offer tips on risk assessments.
Read more: As OCR promises more fines two CIOs offer tips on risk assessments
Leave a Reply
You must be logged in to post a comment.