Our Commitment to Healthcare Security
ObservSMART, a leading provider of healthcare safety and compliance solutions, meets with Ross Leo, Chief Information Security Officer (CISO). Ross shares insight into healthcare security and sheds light on his expertise and the company’s commitment to patient safety, data security, and regulatory compliance in the healthcare industry.
Ross Leo, a distinguished professional in the field, holds a Bachelor’s degree in healthcare management from Southern Illinois University and a Master’s in Business Administration with a concentration in IT and systems engineering from the University of Houston-Clear Lake. With an impressive list of certifications, including Certified HITRUST CSF Practitioner (CCSFP) and Certified Information Systems Security Professional (CISSP), Ross is well-versed in data security, privacy, and several other related areas. He has accumulated over 30 years of experience in security-related roles and has completed extensive training, amassing approximately 5000 hours throughout his career.
Ross’ notable achievements include designing and implementing a groundbreaking telemedicine system for the University of Texas and the Texas Prison system. This system, serving 121 prison locations and a patient population of nearly 350,000, improved healthcare outcomes by over 15% and reduced the cost of prison healthcare by 63%. He also played a pivotal role in enhancing the IT security program at NASA/JSC, securing $80 million in funding through Congressional approval.
Privacy and Security Through HITRUST Certification
Regarding ObservSMART’s pursuit of HITRUST certification, Ross explains that HITRUST is a comprehensive standards framework focusing on privacy, cybersecurity, and regulatory compliance. The company aims to adopt proven and widely accepted security and privacy standards consistently, aligning its system design, build, security, implementation, operations, policies, and controls with HITRUST requirements.
In healthcare, privacy and security have become paramount due to the increasing threat of cyberattacks and the value of patient information in illicit markets. By becoming HITRUST certified, healthcare systems strengthen their resilience against threats, reduce the risk of data breaches, and lower compliance costs. Ross Leo has been working with ObservSMART to obtain the HITRUST certification to demonstrate, through independent verification, the InvisALERT commitment to strong information privacy and security and to validate our customers’ trust in our industry-leading practices.
The Importance of Data Privacy for ObservSMART
Ross Leo’s role as CISO involves safeguarding ObservSMART’s internal systems, ensuring client data security, and reducing supply chain risks for customers. He emphasizes the company’s commitment to delivering secure wearables, minimizing exposure to exploitable information, and providing clients with the necessary knowledge and confidence to operate securely.
ObservSMART’s system design focuses on acquiring and processing the minimum necessary personally identifiable information (PII) and protected health information (PHI). This approach, combined with rigorous implementation and ongoing security measures, significantly reduces the risk of data exploitation.
Ross Leo shares insight into healthcare security and emphasizes the importance of continuous compliance with HIPAA regulations, stating that he stays up to date by utilizing various government and industry resources and maintaining close relationships with industry professionals and agencies.
In closing, Ross Leo expresses his appreciation for ObservSMART’s mission, which focuses on improving patient safety in clinical settings and increasing compliance with safety protocols, helping to streamline staff communication and create a higher quality of care. As he says, “we are committed to caring for the whole person, and in healthcare today, that means taking care of them and their information.”