As Chicago-based CommonSpirit Health, formed by the merger of Dignity Health and Catholic Health Initiatives in 2019, dealt with a weeks-long fallout from a ransomware attack, health system CIOs and chief information security officers say these large acquisitions can make healthcare systems more vulnerable to security breaches, Becker’s reports.
A healthcare merger and acquisition is not just adding one organization to another; it could also mean inheriting security flaws and vulnerabilities, said Vasanth Balu, CIO of Greensburg, Pa.-based Excela Health.
“Merger and acquisition activities mix new assets, technologies, processes and organization culture from two or more organizations, and risks are always evolving during the period of change,” said Hugo Lai, chief information security officer of Philadelphia-based Temple Health. “It’s hard for the involved parties to stay focused on top risks.” Read more.