Best Fit | Small | Medium | Large |
---|---|---|---|
Health information exchange partners | One or two partners | Several exchange partners | Significant number of partners or partners with less rigorous standards or requirements
Global data exchange |
IT Capability | No dedicated IT professionals on staff, IT may be outsourced on a break/fix or projecct-by-project-basis | Dedicated IT respurces on staff No or limited dedicated security resources on staff |
Dedicated IT resources with dedicated budget CISO or dedicated security leader with dedicated security staff |
Cybersecurity investment | Nonexistent or limited funding | Funding allocated for specific initiatives Potentially limited future funding allocations Cybersecurity and IT budgets |
Dedicated budget with strategic roadmap specific to cybersecurity |
Size (provider) | 1-10 physicians | 11-50 physicians | Over 50 physicians |
Size (acute / post-acute) | 1-25 providers | 26-500 providers | Over 500 providers |
Size (hospital) | 1-50 beds | 51-299 beds | Over 300 beds |
Complexity | Single practice or care site | Multiple sites in extended geographic area | Integrated delivery networks Participate in accountable care organization or clinnically integrated network |
Other Org Types | Practices Mangement Organization Managed Service Organization Smaller device manufacturers Smaller pharmaceutical companies Smaller payor organizations |
Health Plan Large Device Manufacturer Large pharaceutical organization |