Pandemic-Ready Cyber Strategy Laid out by Providence

In the spring of 2020, Providence, based in Seattle, was obliged to learn rapidly, with Washington State becoming one of the first U.S. hotspots as SARS-CoV-2 spread. To respond to the public health emergency, the health system immediately set up a slew of new clinical innovations. In addition, it shifted its consumer-facing technologies to manage its response to COVID-19 better.

As it was already far into the process of a significant digital transformation, the health system was ideally positioned to undertake these things. Adam Zoller, Providence chief information security officer, said, “Heading into the pandemic, we were already on the journey for cloud adoption, pushing applications out of our data center-driven approach of the past, our on-premise-driven approach in the past, to this cloud-delivered vision of the future.”

As a result, the health system is shifting from an acute-care-centric paradigm. Patients are funneled into acute-care institutions, to one in which more services, such as telehealth and home health visits, are delivered. It also meant that, as the COVID-19 issue compelled hospitals and clinics across the country to rapidly grow telehealth for patients and adopt remote work plans for employees, Providence was a step ahead in terms of privacy and security.

Zoller will give a presentation on Providence pandemic-era cybersecurity expertise at HIMSS21 in Las Vegas next month. He’ll talk about how he and his team have modified their techniques to deal with the demands of virtual care and work-at-home, as well as how they’ve protected against ransomware and, hopefully, positioned themselves for a challenging future of increased attack surfaces and constant attacks.In this new era of cloud-first, decentralized care delivery and endemic ransomware, he’ll also explore how to design cybersecurity policies that focus on human factors rather than just technology. Such an approach, he argues, will be vital for risk mitigation.