Posted and filed under Cybersecurity, Healthcare, Technology.

Late last month, Advize Health’s Managing Director, Jeanmarie Loria teamed up with Regine Bonneau of RB Advisory LLC to deliver a presentation on IT Inventory and standard security measures. This webinar was free to all attendees and included a discussion on the importance of IT Inventory, and the technologies available to help organizations maintain their tech assets.

Here’s what we, and the audience learned from this conversation.

  1. 43% of attendees did not know if their organization had an IT Inventory in place.
  2. 12% of attendees did not have any kind of active/current IT Inventory process in place.
  3. The cost of a single lost or stolen laptop can reach $1M, depending on the information within. Laptops can contain intellectual property, medical records, financial records, and other personally identifiable information (PII) – all of which can be illegally sold for an exorbitant amount.
  4. Creating and maintaining an IT Inventory should be a priority for organizations of all sizes and budgets. Software programs such as SolarWinds offer larger organizations with a full suite of IT Management and Monitoring tools.

Smaller organizations can utilize an Excel spreadsheet, or enlist the help of Advize Health.

 

  1. Password sharing is a popular and severe breach of compliance. Likewise, utilizing a universal password for all programs is not advisable. The KeePass Password Safe is a simple solution to help organizations securely manage multiple passwords.
  2. Having an IT Inventory can:
    1. Increase IT operational efficiency
    2. Enhance financial accountability
    3. Improve asset lifecycle management
    4. Identify unapproved/unlicensed software
    5. Identify outdated software
  1. The Office for Civil Rights (OCR) requires organizations to have proper knowledge and documentation of all
  2. If your server room looks like this, you may want to consider cleaning up your tech assets:

After you’ve developed an IT Inventory, you may want to consider risk assessments and guidance, HITRUST Self-Assessments, vulnerability scanning, penetration testing, and Chief Information Security Officer as a Service. If you’re interested in learning more, please feel free to Contact Us.

RB Advisory LLC is a boutique firm setting the pace in Governance, Risk, Compliance, and Cybersecurity. Check out their blog.