Welcome back to Optimum Healthcare IT’s “Center Stage” series, where we turn the spotlight on Optimum’s executive leaders. In this installment, we talk with Ann Mausser, Executive Director, Security Services.
Our service line leaders have track records of service excellence in Healthcare IT and are passionate about their work. Our goal is to improve healthcare through technology, and these leaders are how we’re getting there.
We brought these leaders to our “Center Stage” to get their take on the future of their service lines and Healthcare IT as an industry.
Ann Mausser has more than 25 year’s experience in the healthcare industry specializing in information security, risk analysis and mitigation, and IT operations. She has served in leadership roles for healthcare organizations such as the Hospital Corporation of America (HCA), Texas Children’s Hospital, Memorial Hermann Health System, and Baylor College of Medicine. Ms. Mausser is an adjunct faculty member for Rice University’s Jones Graduate School of Business and was previously named co-faculty for Texas Medical Center’s Nursing Leadership Institute’s executive leadership program. She holds a Bachelor’s of Art and Masters of Business Administration. She is a member of the College of Healthcare Information Management Executives (CHIME), the National Association of Women Master’s of Business Administration, and the American College of Healthcare Executives (ACHE).
What’s the biggest security challenge Healthcare IT organization’s face?
Ann Mausser: The lack of qualified and skilled Information Security personnel is a real and persistent challenge in healthcare. There are many tools and applications available to help detect and protect organizations’ technical environment and effective use of these require skilled staff to properly identify, implement, manage and foresee overlaps. Technical degrees and certifications provide excellent foundations but real-world experience is vital to ensure organizations can create strong security stances.
Background at Optimum
Ms. Mausser joined Optimum Healthcare IT in 2017 as the Executive Director of Security Services. She excels information security assessments and planning that result in improved organizational results. With her experience, Ms. Mausser leads Optimum’s security services track with a focus on assessments and planning, remediation and mitigation, response and recovery, interim services, and performance improvement.
Optimum’s Security Services
Healthcare organizations face increasing risks protecting the data entrusted to them by their customers. The growth in technology adoption, governmental enforcement and regulation, more complex technical and organizational environments, and increased cyber-attacks amplify the need for healthcare organizations to mature their information security programs. Optimum Healthcare IT delivers strategic, operational and execution-based approaches to reducing an organization’s risk posture and avoiding costly breaches. We offer a wide range of services, from strategy development to implementation of risk-reducing technology and processes. We help organizations get a clear picture of their security stance across key areas of people, process, and technology while ensuring their information technology assets are secure and meet regulatory requirements.
How do we stay in front of the threats posed in IT Security?
Ann Mausser: Understanding that any tool, no matter how amazing the vendor tells you it is, is not a panacea for keeping up with all technical threats out in the wild. It takes a collective and holistic approach to staying in front of current and impending threats to organizations infrastructure and data. IT departments will need to resist the tendency to silo roles and responsibilities and truly work as a team, leveraging the valuable information provided by vendor solutions, to adequately protect their environment.
With the expanded use of EHRs, are there steps that healthcare organizations can take to protect themselves and their patients?
Ann Mausser: Yes, there are. First, don’t rely on vendor assurances of security, redundancy and high availability. IT departments should be at the table during planning, assessment, and implementation to ensure security controls are in place and maintained. Second, hold Business Associates accountable to be compliant with not only HIPAA requirements but industry best practices. And lastly, engage and educate the workforce on what potential threats, breaches, and incidents look like – take law enforcement and transportation industry mantras of “If you see something, SAY something!”
What do you see in the future for IT Security – particularly for healthcare?
Ann Mausser: I see healthcare IT Security meaningfully moving past just complying with federal and state regulations, and embracing and committing to be mature in their employment of best practices. There are many models healthcare organizations currently use in bits and pieces to create their IT Security frameworks and I think many organizations now understand they need to adopt a model and measure their maturity to the selected model.
Optimum Healthcare IT has deep experience in healthcare organizations. We understand healthcare operations, the current demands on healthcare IT staff, and the Office of Civil Rights (OCR) expectations for compliance with HIPAA and HITECH. Our consultants have served as hospital CIOs, CTOs, and CISOs. We have the experience and insight to share industry best practices and solutions to common problems. Whatever the engagement, we deliver an individualized experience, customized to meet the needs and culture of your organization.
Make sure to subscribe to our blog for the latest thought leadership in healthcare IT delivered directly to your inbox. You can also follow us on LinkedIn, Twitter, and Facebook to join the conversation. Check back for our next Center Stage feature in the coming weeks.