On July 15, Jeremy Grant was quoted in Healthcare Info Security on "Why It's Time to Reassess IAM in Healthcare."
The article reviewed a new cybersecurity e-newsletter published by the Health and Human Services Office for Civil Rights that advises HIPAA-covered entities and business associates to carefully examine their policies, practices, and controls for accessing electronic protected health information, with a specific focus on identity and access management controls.
Investing in secure IAM hasn’t been as big a priority in healthcare as it is in other sectors, says Jeremy Grant, a managing director at law firm Venable LLP and former senior adviser to the National Institute of Standards and Technology's national strategy for trusted identities in cyberspace.
But that's changing, Grant says, because threat actors are increasingly targeting healthcare organizations and because new regulations, including those tied to the 21st Century Cures Act, are requiring providers and payers to create new APIs to share patient data. "Those regulations are spurring a new round of investment, particularly in customer IAM systems," he says.
The article can be found here.