There are documented threats to our nation’s critical healthcare infrastructure related to healthcare data breaches that put patients and their protected healthcare information at risk. The threats have grown in number and sophistication in the past decade due to the nearly universal adoption of digital health records and the rise of interoperability. The human and economic consequences of cyber-threats to all sizes of healthcare organization are profound because patients’ lives are put at risk and the viability of healthcare organizations can be impacted irrevocably. 

At a time characterized by the rapid evolution in technology and an exponential growth in the threats, the gap in the number of cybersecurity professionals in the workforce to address these threats continues to grow. This presentation will document the acute needs for a trained workforce to combat cyber threats in Texas, the United States and globally. The barriers, challenges and opportunities associated with workforce development in healthcare cybersecurity and privacy also will be described. Innovative solutions to address the diverse and acute workforce challenges will be presented, including initiatives being undertaken by members of the Health and Public Health Sector Coordinating Council (HSCC), Cybersecurity Working Group, a public private partnership established under Presidential Policy Directive 21 for coordinating strategic and policy approaches to protect our nation from significant cyber and physical threats https://healthsectorcouncil.org. 

The presenter will advocate that educational models focused on patient safety must be employed to creatively engage practicing healthcare professionals in ambulatory and inpatient settings with role-based cyber hygiene skills, and to ensure that healthcare professions’ students integrate cyber awareness into their professional training. To protect against rapidly evolving threats, healthcare organizations need both technical and non-technical cybersecurity talent working together to manage risk. A new workforce pipeline should be developed to educate leaders who can fill critical, non-technical, risk-management roles in healthcare environments. An innovative educational program recently developed and piloted at The University of Texas at Austin to develop non-technical leaders in healthcare privacy and security risk management also will be presented.