Case Study

From Protection to Transformation: Southcoast Health’s Refreshed Cybersecurity Strategies Are Advancing Digital Transformation and Business Strategy

2 minutes

The Client Challenge

As New England-based Southcoast Health expanded from a hospital to health system, leadership identified the need to perform a cybersecurity readiness assessment before developing new business models that could increase their risk exposure.

Top Cybersecurity Threats to Healthcare:
  • Phishing
  • Ransomware
  • Third-party risks
  • Medical device security
  • Insider threats

Navigating to Next: The Solution

Southcoast Health is a not-for-profit, community-based health system with multiple access points, offering an integrated continuum of health services throughout southeastern Massachusetts and Rhode Island. The Chartis Group partnered with Southcoast to conduct an IT strategy refresh and cyber risk assessment to prepare Southcoast for continued business transformation. 

Chartis supported this effort by including an assessment that considered current threats and related cybersecurity capabilities, given the desire to expand digital strategies. The assessment also evaluated capabilities of the current security program while focusing on cyber threats in the healthcare sector.

Additional areas of focus were key programs and governance relating to: 
  • Medical Device Security
  • Risk and Compliance
  • Vendor Risk Management

Southcoast had performed a separate enterprise-wide risk assessment, which further validated the cybersecurity risks.

Navigating to Next: Key Components

Cyber Security

BUSINESS STRATEGY

Reframe and confirm the organization’s business strategy

Cyber Security

ASSESSMENT

Evaluate current threats, capabilities, and risk treatment recommendations

Cyber Security

IMPLEMENTATION

Align plan to address gaps and enhance capabilities to enable business strategies

Cyber Security

TEST

Ensure implementation plan and deliverables address stated objectives

Cyber Security

MONITOR

Perform ongoing monitoring, maintenance, and optimization of cybersecurity hygiene

Client Impact

As an output of the security assessment, Southcoast quickly demonstrated significant enhancements to its cybersecurity program, including vendor risk management (from pre-contract to partnership decisions with ongoing monitoring), maturity improvements with network security, and enhanced 24/7/365 support and monitoring. 

Southcoast also greatly enhanced visibility into the cybersecurity program and its overall alignment to the business. Senior leadership is now well positioned to better understand how well the program is supporting key business strategies while reducing overall risk. This was made possible by implementation of stronger governance, heightened incident response preparedness, improved business impact analysis/business continuity planning, and matured processes around third-party evaluations. Senior leadership is now well positioned to better understand how well the program is supporting key business strategies while reducing overall risk.

More Than
60

service locations across Southeastern Massachusetts, including 3 acute hospitals

7500

employees

1100

medical staff


How We Are Making Healthcare Better

Business transformation doesn’t happen without trust. And strengthening cybersecurity measures enables the trust foundation for investment and innovation. ”

Jim Feen
Chief Digital & Information Officer

Next Intelligence

Maturing cybersecurity measures beyond technical controls can enable business strategies:

  • Integrating cybersecurity and business can enable business strategies and effective outcomes
  • Regular engagement with senior leaders and key stakeholders ensures appropriate support
  • Utilizing industry-accepted frameworks can provide the building blocks for establishing and monitoring an effective security program

Related Insights

Contact Us

Get in Touch

Let us know how we can help you advance healthcare.

Contact Our Team
the-chartis-group-footer