Meditology Models Top Five Skills for CISOs to Succeed in High-Risk Healthcare Industry

Meditology announces appointment of former Piedmont Healthcare CISO Nadia Fahim-Koster to fast growing team of nationally recognized healthcare IT, security and privacy experts.

CISO, cybersecurity, information security, health IT

Top 5 Skills for CISOs to Succeed in Healthcare

The healthcare industry looks very different today. Security, privacy and legal requirements are converging, and security professionals are scrambling to keep up. CISOs require a broad combination of skills.

Meditology, the leading professional services company specializing in privacy and security for healthcare organizations, today announced the appointment of Nadia Fahim-Koster, CISSP, CHPS, as IT Risk Management Director. As the former CISO for Piedmont Healthcare and a recognized industry thought leader in information security, privacy and regulatory compliance, Fahim-Koster brings extensive healthcare experience to the fast-growing firm. This announcement follows the recent appointment of Brian Selfridge, CISSP, another former healthcare CISO, to Managing Director.

Looking ahead into 2014, healthcare companies face mounting challenges in achieving and maintaining operational excellence and compliance amidst major regulatory change related to HIPAA, HITECH, ICD-10 and the Affordable Care Act. The recent HIPAA mandates on September 23rd put a huge spotlight on Business Associates, and organizations must now gear up for Stage II, as well as deal with the risks of emerging HIE, new business models, telemedicine and sophisticated medical devices such as handheld ultrasound machines and iPhone EKG apps.

These same organizations are having significant difficulty finding qualified candidates to run their security programs, especially as the role has evolved from a technical position to more of an executive role. In response, Meditology has modeled the “Top 5 Skills for CISOs to Succeed in Healthcare,” based on a combined 50 years of experience spanning over 100 healthcare clients:

Top 5 Skills for CISOs to Succeed in Healthcare

1. Communication: Proactive, professional and clear communication

  • Key Criteria: Package the message and speak the language of all groups within the organization, from key stakeholders, influencers and executives to physicians, nurses and technicians

2. Technical: Working knowledge of key areas to interpret the validity of input from direct reports, peers, consultants, attorneys, etc.

  • Key Criteria: Information Security; Information Technology; Regulations; and Privacy

3. Business: Working knowledge of how healthcare services are delivered and paid.

  • Key Criteria: Industry trends; Regulations; Innovations; Successes and Failures; Basic Operational Workflows; Transaction flows; Key stakeholders; Key influencers

4. Executive: The skill most often missing in candidates – interacting with leaders across the organization in a professional, collaborative and supportive manner.

  • Key Criteria: Negotiation, including ability to recognize when 100% is not feasible and to negotiate the next best option; Sales; Presentation (for example, addressing unpopular expenditures that are in the best interest of the organization); Diplomacy; Collaboration (with conflicting areas of the organization, e.g., sales and compliance)

5. Leadership: Ability to manage a team with diverse skill sets ranging from policy and compliance to engineers and technologists.

  • Key Criteria: Recruiting; Management; Mentoring

To download the model, please visit

“The healthcare industry looks very different today. The security, privacy and legal requirements are converging, and Information Security professionals are constantly scrambling to keep up. CISOs require a combination of IT skills coupled with business analysis skills, regulatory knowledge and the ability to communicate across various clinical departments,” added Fahim-Koster.

Fahim-Koster continued, “I am excited to move into a role where I can have an impact at a national level. Meditology is a visionary company with top-notch talent, knowledge and clients and is well positioned to help healthcare organizations with their most complex compliance challenges.”

Fahim-Koster brings 16 years of healthcare experience to Meditology. In her role as Executive Director of Information Security and Regulatory Compliance for Piedmont Healthcare, Inc., she was responsible for the Information Privacy and Security Programs throughout the Piedmont System, where she led the remediation of the first OIG HIPAA Security Audit findings. Fahim-Koster also served as the Information Privacy and Security Director for Gwinnett Medical Center. She holds a Master’s degree in Business Administration, a Master of Science degree in Health Law, and CHPS and CISSP certifications, and is a frequent speaker at national and local healthcare conferences, including HIMSS, as well as a guest lecturer at Georgia State University.

“Nadia represents the kind of professionalism and experience that Meditology brings to our healthcare clients. Her expertise and knowledge will help continue the momentum for Meditology as the premier privacy and security firm in the healthcare industry,” said Brian Selfridge, Practice Leader for Meditology.

About Meditology
Meditology is a leading professional services company with an exclusive focus on the healthcare industry offering two core service lines: IT Risk Management and Healthcare IT Consulting. Meditology's success stems from the deep and extensive expertise of its leadership team, representing a mix of Big Four consulting, provider, payor and vendor experience. Clients include many of the nation’s largest healthcare companies. Visit Meditology at or follow on Twitter (@Meditology) and LinkedIn.


Contact Author

Leslie Kesselring
Kesselring Communications, LLC
+1 5033581012