Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Blogrige

The Official Baldrige Blog

What We Learned from Baldrige Cybersecurity that Could Help You

What CAMC Health System has learned from the Baldrige Cybersecurity Excellence Builder. Photo shows woman hands around all her mobile devices sitting on top of paper with graphs and showing cyber locks in front of them connected to each other.
Credit: Wright Studio/Shutterstock

“My organization is absolutely prepared and solid when it comes to cybersecurity issues and requirements.” . . . Well, actually, this might not be a statement that many of us are comfortable making.

Instead, one health care system is exploring and sharing what it has done to address cybersecurity, including the lessons that it has learned that might be of value to organizations in all sectors.

Brenda Grant,  Chief Strategy Officer, Charleston Area Medical Center (CAMC) Health System
Brenda Grant
Charleston Area Medical Center (CAMC) Health System
2015 Baldrige Award Recipient
Brenda Grant, chief strategy officer for Charleston Area Medical Center (CAMC) Health System, a 2015 Baldrige Award recipient, will lead a session titled “Operational Effectiveness: Focus on Management of Information Systems and Cybersecurity” at the Baldrige Program’s annual Quest for Excellence® Conference in April. She intends to share her organization’s learnings to date from its work on addressing cybersecurity using the Baldrige Cybersecurity Excellence Builder.

In a recent exchange (captured below), Grant described her upcoming presentation and her perspective on the Baldrige framework.

What are some examples of how you’ve seen organizations benefit from the Baldrige Cybersecurity Excellence Builder?  

Everyone is aware of security breaches and phishing attempts (and if the truth be told most of us have “clicked” when we shouldn’t have!). The Baldrige cybersecurity framework is helping the CAMC Health System lay a strong foundation for determining cybersecurity-related activities that are important to our business strategy and service delivery.

What are your top tips for introducing or sustaining use of the Baldrige framework to promote an organization’s success?

  • Engage your workforce and have them tell your story—that is way more powerful than a PowerPoint presentation!
  • We update and review our results from each of the Baldrige Criteria categories annually as part of our strategic planning process. This allows us to readily see if we are continuing to improve our performance in all areas.
  • Be sure to align your Baldrige work with your regulatory work (i.e., DNV or TJC for health care organizations). For us, our responses to the DNV chapters align perfectly with our Baldrige systems and processes.

What do you view as key reasons or ways that organizations in your sector can benefit from using the Baldrige framework?

There is such change and uncertainty in health care today. As a result of the Baldrige framework, we have built a culture of strategic planning, performance improvement, and transparency that engages our entire workforce. Our learnings around benchmarking and focus on results ground us in our planning and in our daily work.

What would you say to a group of college students about the Baldrige framework and its Criteria?

This is an easy question because I do this a lot! Students working on their master’s degrees often ask how they can apply the Baldrige framework to their organizations if they are not in a management role and their organization is not on the Baldrige journey. I tell them to learn and understand the Baldrige Criteria and apply them to their jobs; for example, establish processes and outcome measures for their work, do cycles of learning, and share their results with their managers. Then, ask to pilot their improvements within their departments and with other departments and watch the enthusiasm spread.

Given what you’ve learned from applying the Baldrige framework in your work, are there ways you’ve also applied the framework in your personal life and, if so, would you please share examples?

I have the privilege of serving on a number of community boards and since “Baldrige” becomes the way you think, I have used the Baldrige framework over and over to help organizations improve their leadership systems, planning systems, and results.

Do you have any funny stories or anecdotes that you’re willing to share about your experience with your organization winning the Baldrige Award?

The use of Top 5 Boards is kind of a trademark for our organization. We stress the importance of focusing on the vital few. But I had one person ask how many Top 5 boards I recommended that a department have—they just couldn’t fit all the department improvement efforts on one Top 5 Board!

Note: The Baldrige Cybersecurity Excellence Builder is a free download for any organization.
 


COME. LEARN. NETWORK. ENGAGE.

Baldrige 30th Anniversary Logo artwork

Quest for Excellence® Conference

BALTIMORE | April 8–11, 2018
Join us for the 30th Anniversary Quest for Excellence Conference showcasing the best practices of the 2017 Baldrige Award recipients!

AWARD CEREMONY

Sunday, April 8
Join us Sunday evening for the Award Ceremony and Dinner honoring the 2017 recipients.

Register Now | Book Your Hotel Room


 

 

About the author

Dawn Bailey

Dawn Bailey is a writer/editor for the Baldrige Program and involved in all aspects of communications, from leading the Baldrige Executive Fellows program to managing the direction of case studies...

Related posts

Comments

Add new comment

CAPTCHA
Image CAPTCHA
Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.