At the HIMSS Healthcare Cybersecurity Forum in Boston this past week, I sat down with Roshal Marshall, managing chief counsel for global privacy and cybersecurity at McKesson.

Our chat was focused primarily on corporate counsel's perspectives on data breaches: how she works with chief information security officers and other IT leaders, advice on ensuring compliance, managing incident response, handling litigation and more.

We also spoke about emerging challenges around artificial intelligence and algorithmic integrity, the 21st Century Cures and information blocking rules – and other data governance and compliance challenges.

Like what you hear? Subscribe to the podcast on Apple Podcasts, Spotify or Google Play!

Talking points:

• Why privacy, security and business continuity are now matters of patient safety.

• Keys to communication, and getting security and IT pros on the same page with legal (hint: "speak English").

• How working on the provider side is different from working with a multinational vendor.

• Perspective on managing different constituents (providers, payers and pharma) and serving different business units.

• Why some health organizations still don't understand that "security and privacy are their number one risks."

• Information blocking compliance: How to understand a set of complex and sometimes confusing set of rules.

• New avenues of data privacy as artificial intelligence matures.

More about this episode:

Take the 2022 HIMSS Cybersecurity Survey

Are we taking patient privacy as seriously as we ought to be?

How to move the needle on third-party cybersecurity

FBI special agent: Call Cyber Operations Center when attacks occur 

Improving cyber preparedness is a collective responsibility

How hospitals can financially measure the risk of cybersecurity attacks

Clinicians need the right messaging to pay attention to cybersecurity

Medical devices are inherently vulnerable to security breaches