Search IconSearch

Partnership Program Strives for Innovative, Secure Tech Solutions

The Friends of Cybersecurity program bridges innovative technology solutions with mitigating security risks


Cyberattacks and burnout are common themes dominating the healthcare industry.


Cleveland Clinic is a non-profit academic medical center. Advertising on our site helps support our mission. We do not endorse non-Cleveland Clinic products or services. Policy

As a result, healthcare professionals are increasingly turning to technology to offset these concerns. Oftentimes, these solutions can bring both challenges and consequences.

“Workflow automation is an obvious solution, especially with artificial intelligence (AI) and ChatGPT,” says Tracey Touma, a cybersecurity business liaison in Cleveland Clinic’s Information Technology Division (ITD). “But any new functionality must be fully vetted and secure before applying it in business.”

Touma’s role is to bridge the gap between the organization’s needs and cybersecurity.

“Cybersecurity measures are often viewed as roadblocks.” Touma continues, “We’re working to shift that mindset with multidisciplinary partnerships throughout our health system. We want to ensure that patients receive the best care while maintaining the highest security standards.”

To this point, Touma describes a recent cyberattack that forced the closure of several hospitals.

“Cybercriminals are drawn to healthcare. Patient data is invaluable, and these types of attacks are crippling,” says Touma. “The affected hospitals were offline for six weeks, which caused much more than financial implications —shuttered emergency rooms, patient care delays, limited resources — a devastating situation.”

Protection from these threats and risks requires multifactorial security points; however, these efforts can’t deter innovation and progress.

At Cleveland Clinic, the Friends of Cybersecurity program is working to foster innovation while mitigating risk.

Preventing roadblocks

Led by Touma, the Friends of Cybersecurity program is a structured process to share upcoming initiatives, call to action, collect feedback and discuss concerns.

Touma explains, “Members represent all facets of our business and clinical areas — finance, compliance, physician specialists and more — all caregivers are welcome. These quarterly meetings provide a venue to share and discuss essential security measures that align with our caregivers’ work while upholding our patients’ first commitment.”

In addition to the Friends of Cybersecurity program, there’s a test lab to simulate the impact of potential changes. Engineers and clinical caregivers practice in a non-production environment to confirm that the technology works as intended.

“Clinical input during the testing phase is vital before moving it into production,” says Touma. “Without their feedback, the potential for unintended consequences can detract from our efforts to improve efficiency.”


Partnership in practice

Touma shares a recent project that reduced clicks and calls to the IT Service Desk.

“Many caregivers had multiple passwords for various applications that required password resets every 45 to 90 days.” Touma continues, “This led to ongoing IT Service Desk calls to reset caregivers’ passwords. We resolved the issue by introducing ‘single sign-on,’ which allows caregivers to have one password for multiple applications.”

Since launching the project, IT Service Desk calls related to this concern have decreased by 67%. This caregiver satisfier led to more solutions with the launch of a 12-character, 12-month password initiative and by implementing caregiver badge log-in functionality.

Shadowing brings reality to the forefront

While Touma works side-by-side with the program’s members, she’s also found shadowing to be a vital experience.

“Our Friends program is an open forum for honest dialogue. That’s where I’ve honed my listening skills, and I’m able to stay attuned to what’s being shared and any underlying concerns,” says Touma.

She continues, “Shadowing caregivers gives valuable insight into the ways technology impacts their workflow. By sharing their viewpoint, they have a say in how the ITD teams can adjust the technology to better support their work.”

These valuable partnerships have highlighted instances where innovation has the potential to stall progress. One example is the need to modify the caregiver badge log-in functionality to accommodate differing workflows in the inpatient and outpatient settings.

Touma explains, “Part of healthcare technology is about improving efficiencies in the most secure environment. Shadowing caregivers closes the loop on what’s planned and what really happens. Connecting these dots strengthens the relationship between the business and cybersecurity.”

In the end, Touma says, “Providing caregivers with solutions that give them more time with patients is a win-win. It’s what our patients want and what they deserve.”


Related Articles

Cloud technology
Recovery Readiness Maintains Patient Care, Safety

Cleveland Clinic’s roadmap to recovering critical digital assets stems from strategic planning and preparedness

cyber security
Holistic, Multidisciplinary Approach Protects Patient Data and Privacy

Protecting patient data and privacy while preventing unnecessary risks

Infant fever
Infant Fever: Standardizing Care Connects Clinical Guidance with Digital Tools

The infant fever care path is an interactive, step-by-step tool within the electronic health record that reduces high variability among standard practices to ensure safe, quality care at all Cleveland Clinic locations

One-click Ordering Promotes Preventive Care, Eases Provider Workflow

Cleveland Clinic providers shifted to one-click ordering to simplify the workflow while increasing visibility of patient-specific recommended wellness screenings

Clinical Informatics Elective Provides Immersive Learning Experience

A physician-developed experiential learning elective illustrates the value and necessity for strong collaboration among clinicians and IT professionals

SAVES screenshot
Color Status Signals When to Intervene

Cleveland Clinic Children’s implemented an automated color-coded system to escalate timely care to prevent patient deterioration

Data transfer
Making Modern Healthcare Data Meaningful

Advancing Cleveland Clinic’s clinical systems integration by creating a secure, single database designed and built to modern healthcare standards

Mammogram scheduling
Simplifying Scheduling for Overdue Screening Mammograms

When the COVID-19 pandemic delayed patient care, automated bulk ordering for overdue screening mammograms led to an easy, convenient online scheduling process.