Episode #124. Protecting Patient Data: Healthcare’s Cybersecurity Struggles and Solutions, with Carter Groome, Founder and Chief Executive Officer of First Health Advisory
How can healthcare organizations balance tightening cybersecurity regulations with limited resources and protect patient data effectively?
In this episode, Carter Groome discusses how his company has evolved from an electronic health record optimization firm to a healthcare security, privacy, and risk management consultancy. He and host Ed Gaudet explore the challenges of improving cybersecurity in healthcare, focusing on the strain on rural hospitals and the potential regulatory burdens from proposed HIPAA updates while emphasizing the importance of balancing effective cybersecurity measures with financial viability.
Tune in to hear expert insights on the evolving landscape of healthcare cybersecurity and how organizations can navigate new challenges to safeguard patient safety!
For more information and ways to increase risk awareness and safety, visit us at www.censinet.com.
About Carter Groome:
Carter is the Founder and Chief Executive Officer of First Health Advisory, a global cyber resilience consultancy. He brings 29 years of experience in health cybersecurity, digital transformation, and strategic advisory to advocate for the industry and serve the company’s clients. As CEO, Carter draws on his diverse background in healthcare providers, consulting, and vendor environments to benefit First Health's commercial and government clients.
Carter began his health technology-focused career at Adventist Health System, implementing and optimizing various Electronic Health Records (EHR) and best-in-class ancillary systems. Over time, he became increasingly involved in systems integration, enterprise interoperability, and strategic planning for numerous healthcare organizations across the United States, ultimately leading to First Health's founding in 2005.
First Health is a premier advisor and consultancy serving healthcare entities, addressing the growing need for rigorous risk assurance while maintaining business drivers. Leveraging a holistic understanding of healthcare operations, workflows, policy, and security, First Health has developed a multidisciplinary cyber approach that fosters efficiency and preserves resources for providers, pharma, health tech, and government health entities.
As an industry advocate, Carter’s expertise is often featured by CNN, Forbes, The Wall Street Journal, The Washington Post, and Politico. He is a CHIME Board of Trustees Member (Education Chair), a current Health Sector Coordinating Council Member, a former AEHIS Board Member, a HIMSS Risk Assessment Work Group Member, and an education partner of the SANS Institute. Carter has also served on the Children's Eye Foundation Board and the CHIME Membership Committee.
Carter and First Health are deeply committed to cyber health policy and advocacy to enhance the resilience of the healthcare sector, improve patient safety, and bolster national security. His unique position in Washington has made him instrumental in advancing cyber performance goals, engaging in public speaking, and raising congressional awareness about the challenges of protecting the health sector.
Carter is a recipient of the 2024 Baldrige Foundation Award for Leadership Excellence in Cybersecurity. He holds a BS in Health Science from the University of Arizona and an MBA from Johns Hopkins University. He currently resides in Washington, DC.
Things You’ll Learn:
- Potential new regulations could significantly affect the healthcare sector, creating challenges and opportunities for businesses to meet new standards while also considering the practical aspects of compliance and funding.
- Healthcare organizations must invest in attracting and retaining cybersecurity talent to manage emerging risks and regulations in the sector effectively.
- While AI introduces new risks, it can also be an asset in offensive and defensive cybersecurity strategies. That's why it's essential for healthcare organizations to responsibly integrate AI into their business strategies without compromising security and privacy.
- Collaboration among various stakeholders in healthcare is important to improve cyber resilience and protect patient data effectively.
- While new regulations will require organizations to adopt more robust cybersecurity measures, the challenges of funding and compliance remain, especially for smaller or resource-limited institutions like rural hospitals.