Back to all posts

Taylor Havlisch

January 10th, 2018

3min Read

How Healthcare Providers Can Protect Patient Data with Vulnerability Management

In case you missed it, last month CardConnect’s Chief Security Officer Rush Taggart shared his thoughts with HealthData Management about the role vulnerability management can play in protecting healthcare providers from the impact of cyberattacks.

The full article is really worth reading, but since you might need to register a free account with the publication to access it, you can see our free version here. We’ve also pulled together a little synopsis for you below.

First, let’s go over exactly what vulnerability management is. It’s the practice of researching and understanding an organization’s vulnerabilities and then developing plans to mitigate them so the impacts of potential data breaches are minimized and even prevented.

In his article, Rush breaks down five important steps to consider in order to effectively practice vulnerability management.

1. Patch, patch, patch.

Don’t make the mistake Equifax did last year - make sure your company is paying attention to patches that need deploying in order to fill vulnerable gaps that may be present in your systems.

2. Control access.

Be careful about who you’re giving access to important data and make sure it’s given only to those who really need it.

3. Beware the phish.

Make sure you and your team know how to identify potential phishing campaigns that can take down your network with the click of one button.

4. Limit accessible data.

Get rid of the unuseful data that’s just sitting on your system, so you can reduce the size of your target for hackers.

5. Monitor traffic constantly.

Monitor your network every single day so you don’t make the mistake of going weeks or even months with undetected malware wrecking your system.


As Rush points out in his article, the bottom line is that putting time and resources into vulnerability management upfront can protect you from the potentially irreversible impacts of a breach. For healthcare providers, there’s an obligation to protect patient data, and it begins with taking vulnerability management seriously.

If you’re interested, you can check out the full article from HealthData Management here.

To learn about security solutions that can protect your organization’s sensitive data, visit our CardSecure page, or get a conversation started with us here.

About Rush

Rush Taggart serves as Chief Security Officer of CardConnect, a payment processing and technology solutions provider. CardConnect’s payment gateway and security offerings were primarily built by Taggart during his time at Princeton Payment Solutions, acquired by CardConnect in 2012. Taggart rebuilt the existing Payware and CardSecure C++ applications into Java, adding significant user functionality as well as platform portability. In 2014, CardConnect was awarded two patents related to payment security that were a direct result of Taggart’s work. Recently, Taggart developed a retail terminal solution for CardConnect's SMB customers, providing a PCI-validated P2PE solution that is also EMV-ready.

Connect with us

blog comments powered by Disqus