Choosing an Information Risk Management Framework:
The Case for the NIST Cybersecurity Framework (CSF) in Healthcare Organizations
Authored By: Bob Chaput, Founder & Executive Chairman, Clearwater
The question becomes: Am I going to spend my cybersecurity budget on somebody else’s list of ‘good things to do?’ Or am I going to spend it on the basis of my organization’s assets, my exposures, my business goals and objectives?” - Bob Chaput
The white paper describes the role a cybersecurity framework plays in a healthcare organization’s overall risk management program, and why the framework is an appropriate and effective framework for the healthcare industry.
A complete information risk management strategy combines all three of these components to achieve a holistic and effective information risk management program across the healthcare enterprise.
FRAMEWORK | PROCESS | MATURITY MODEL