Journal of Hospital Administration
International Peer-Reviewed and Open Access Journal for Healthcare Management Specialists

Digital care transformation, the proliferation of disruptive technologies and the changing hybrid workforce have forced the evolution of traditional information technology network boundaries of healthcare organizations. The new landscape has rendered legacy existing perimeter defined and based cybersecurity solutions inadequate to meet increasing regulatory and federal demands for highly secure access management. Emerging compliance requirements, coupled with the concerning increase in healthcare data breaches, ransomware attacks, and security incidents targeting the healthcare sector, have transformed our historic notion of trust into an organizational vulnerability. A “Zero Trust” approach to information security is driven by an imperative to “never trust, always verify,” and requires strict, rigorous and continuous identity verification to minimize trust zones and their associated risk of security breach. Healthcare delivery organizations need to appreciate the importance of a Zero Trust strategy in reducing vulnerabilities, strengthening health system information security, and preventing successful security breaches, while also recognizing how identity and access management serves as the foundation of achieving Zero Trust.