Comments
10 Ways To Strengthen Healthcare Security
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
SachinEE
50%
50%
SachinEE,
User Rank: Ninja
8/26/2014 | 3:24:18 PM
Healthcare security
The only thing worse than hackers is a badly organised patient information management system. Not everytime are hackers responsible. When healthcare is being talked about, we are assuming that the hospital (or chain of hospitals) have a central server which allocates files to patient information. What happens mostly is that this kind of networking does not align up with efficient management and the patient information (and not the case file and treatments offered) stays in the system long after the patient has been discharged.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/26/2014 | 3:36:35 PM
Re: Healthcare security
That's a great point. Hackers are less likely to be the culprits. It's much more likely to be employees, accidentally or on purpose. And as we've seen from breaches in both healthcare and other industries, all too often they occur because simple steps are not taken. Automating processes really helps; it eliminates the need for someone to remember to do something, always a good thing! 
asksqn
50%
50%
asksqn,
User Rank: Ninja
8/26/2014 | 7:16:07 PM
So easy even a CEO can see it
Excerpt >>We do find that a number of healthcare organizations appoint people... whose training has been primarily in the domain role of healthcare or healthcare management...<<

/Excerpt

 

And there is the entire crux of the problem right there.
pcharles09
50%
50%
pcharles09,
User Rank: Ninja
8/27/2014 | 12:17:51 AM
Re: Healthcare security
@Alison,

More importatnly, automation prevents users from screwing things up or being too 'creative' with tasks.
progman2000
50%
50%
progman2000,
User Rank: Ninja
8/27/2014 | 7:19:57 AM
CSO?
Just what the business world needs, another C-level position that will make more money than me.  I can kind of see the logic but so many organizations are top heavy as it is, is concocting another high level position really the answer to this problem?  Most hospitals are spread razor thin as far as budget to begin with...
Stratustician
50%
50%
Stratustician,
User Rank: Ninja
8/27/2014 | 9:42:42 AM
Re: Healthcare security
Let's not forget the staggering 68% of incidents caused by outsiders!  That's quite a staggering statistic! This means there are lax controls around identity and access management.  Between this risk and Data Loss Prevention from loss/theft, it's easy to see that there are a lot of gaps in policies relating to how data is used, accessed and stored.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 12:34:25 PM
Re: So easy even a CEO can see it
Exactly! Surely you'd want a chief SECURITY officer to be expert in security. Healthcare experience will come. This exec certainly is motivated to learn the ins and outs of the business -- and even if someone knows one hospital, each facility has its own nuances and workflows anyway!
Alison_Diana
100%
0%
Alison_Diana,
User Rank: Author
8/27/2014 | 12:37:03 PM
Re: CSO?
I can see why the thought of another c-level might appear unnecessary but who is responsible for security if not a CSO? The CIO? Well, the CIO already oversees everything IT -- and security isn't only tech-related. The CFO? Security should not be ruled by finance, otherwise money talks and security measures walk. The CEO? They have enough responsiblities already? And we know what happens when anything is ruled by committee! The problem with having a lower-level person rule security is it doesn't get enough visibility or leverage, and requests flounder. So I stick by that recommendation, a recommendation I picked up from many security professionals. And it's a great goal for security execs who aspire to the c-suite.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 12:38:19 PM
Re: Healthcare security
Absolutely! It's one reason a CSO is so important. They should either be strong in governance or, depending on the organization, work with lead counsel on these efforts to ensure data policies and guidance are strong -- and followed.
Henrisha
50%
50%
Henrisha,
User Rank: Strategist
8/27/2014 | 1:38:55 PM
Re: Healthcare security
True. Employees' inadvertent mistakes can often cause so much damage and problems. It's unfortunate but sometimes you have to remove and just take out the human factor, and you can see the number of errors go down with automation as well.
Page 1 / 2   >   >>


Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.