Peter Marks, PhD, is the vice president and CIO of WakeMed, a Raleigh, N.C.-based health system that includes around 8,500 employees.
Here, Dr. Marks discusses the system's cybersecurity strategy and why he is optimistic for the future of healthcare and technology.
Question: What emerging trend or technology in cybersecurity are you most interested in today and why?
Dr. Peter Marks: We always have a focus on Defense in Depth with multiple tools and processes to carry out our responsibility to protect our patients' health information.
With this, our work has focused on our partnership with operations and processes to ensure our staff are well-equipped to recognize cybersecurity issues and practice appropriate reactions in the event of an incident.
We implemented internal phishing training exercises over the past year, and we have greatly reduced the number of instances of staff 'biting' on the phish. At the start of these internal exercises, about 15 percent of our staff needed training following the phish. Now, because of our healthcare team's diligence, we are training less than 1 percent of our staff following an exercise.
Another focus for WakeMed is Disaster Recovery (DR) and Continuity of Operations (CO). There is still work to be done in this area, but we continue to evaluate our DR/CO plans and execute them when appropriate to see if we are ready to operate if there is a cyber or natural disaster. In the military, they say, 'no plan survives first contact.' This means that the plan is nothing unless it is practiced. And I agree wholeheartedly – our cybersecurity efforts are centered around practice and preparation.
Q: How do you think your role will change in the next three years? What are you doing today to prepare?
PM: The promise of technology in healthcare comes in the opportunity to use data information to help make and keep people healthy.
All healthcare leaders should be shifting their focus to turn data into action that can help people. This is not easy as there is still much to do in terms of delivering healthcare every day. With this, leaders need to pivot and take the deluge of information we have to keep patients safe and healthy. Our path towards this goal needs a clear vision and takes a strong partnership between IS and operations. Together, we need to have a long view where we evaluate all analytics point solutions and determine if they can work together to have complete picture of all patients.
Q: What is the most dangerous trend in healthcare or health IT today and why?
PM: I am optimistic about the opportunities in both healthcare and health IT. In healthcare, organizations are all working to change the paradigm to value-based care as the predominant model. The change is not easy, but it is coming. This will be an opportunity to reward providers and payers for keeping patients as healthy as possible. The model is working in many ACOs and other organizations. For health IT, we need to catch up to our business contemporaries in the use of data as a business driver for keeping people healthy. The two opportunities go hand in hand. The future is bright.
Join us at the Becker's Hospital Review Health IT + Revenue Cycle Conference October 9-12 in Chicago. Click here to learn more and register!
To participate in future Becker's Q&As, contact Laura Dyrda at ldyrda@beckershealthcare.com.