BOSTON — Healthcare organizations can learn a lot from the Equifax hack of some 143 million records. Executives should not dump stock before disclosing a breach, data integrity takes a team, everyone needs to constantly hone their incident response plan, and the worse is yet to come.

That was the sentiment from speakers on Monday at the Healthcare Security Forum in Boston.

The stock dumping aspect of the situation demands little explanation. MIT professor Stuart Madnick said that the breach ratcheted up the number of exposed records beyond Target and TJX before it.

“Equifax, I’m not sure they accepted the reality of having information about 140 million people,” said Tom Ridge, former Secretary of the U.S. Department of Homeland Security and two-time Pennsylvania governor.

Ridge said his team read through the Equifax 2016 filings and did not encounter the word cybersecurity.

That highlights the fact that every organization, in healthcare and other industries, needs to have a plan.

“Incident response? Execute the plan,” said Darin Prill, senior director of IS technology at Children’s Mercy Kansas City.

Prill advised that the plan should focus on people, processes and technology. A hospital’s incident response plan doesn’t have to cover everything but it should serve as a guideline for how you walk through an incident when it happens.

“You need to have an after-action report,” Prill said. “Come back and calmly, concisely review with everyone what went right and what went wrong,” Prill said. “I guarantee you something is going to go wrong and constant feedback will make the plan so much smoother.”

Christiana Care Health Systems CISO Anahi Santiago added a sentiment that applies equally to data breaches and the broader spectrum of cybersecurity threats.

“It’s going to get worse before it gets betters,” Santiago said.

In the meantime, several speakers suggested that more details of the Equifax incident will unfold in the coming days, weeks and even months.

“This is going to be a game-changer for incident response,” said Dan Bowden, CISO of Sentara Healthcare. “The Target executives could wind up looking really good.” 

Twitter: SullyHIT
Email the writer: tom.sullivan@himssmedia.com

 Read our coverage of HIMSS Healthcare Security Forum in Boston.
⇒ Healthcare must move from risk to resilience, Tom Ridge says
⇒ Slow breach detection, patching, operational snags handcuff healthcare security
⇒ As hackers become more destructive, security needs an all-hands approach
⇒ Obama's cyber czar warns of 3 troubling security trends
⇒ Old legacy devices pose greatest security risk, experts say
⇒ HHS CISO: 3 things hospitals should do right now to strengthen cybersecurity
⇒ Why hospitals should join an ISAC immediately
⇒ 5 common HIPAA compliance pitfalls for healthcare orgs to avoid
⇒ FDA exec to medical device manufacturers: 'Bake security into the design’
⇒ 'Cybersecurity' term might be scaring off young talent
⇒ Cybersecurity is hard, got it? But let's stop blaming hospitals for every breach