Technology is only half the battle when it comes to cybersecurity measures for healthcare organizations. The remainder is awareness. Phil Alexander joins John Zuziak on today’s show to dig into common gaps in security awareness and their implications. Phil and John examine the elements of a successful security awareness program, including how to gain buy-in; setting goals; identifying wins; communicating progress and successes; and ultimately making security awareness a part of the organization’s culture. This conversation features John Zuziak, director of the Security and IT Risk Management Practice for Change Healthcare, and Phil Alexander, CISO for North Mississippi Health Services. Here’s what they report on: The need to emphasize security awareness in healthcare Tailoring security awareness training by job function Topics to include in security awareness training Gamifying security awareness Making security awareness training work on a lean budget Building a security awareness program from scratch How to identify program goals Ideal KPIs for success How to win leadership buy-in for security awareness training Communicating program success Pitfalls to avoid Proof security awareness can succeed in healthcare Episode Resources Phil Alexander’s bio John Zuziak’s bio SOC II + HITRUST: How These Audits Will Improve your Organization Vendor-Independent Healthcare Consulting Change Healthcare Consulting Services Change Healthcare Industry Insights COVID-19 Updates and Resources COVID-19 Updates Newsletter Change Healthcare Insights Newsletter Show Resources SUBSCRIBE to the podcast using any podcatcher or RSS reader Suggest or become a guest Contact Change Healthcare