Securing Wireless E-Records - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

10:45 AM

Securing Wireless E-Records

As workers turn to wireless devices to improve care, hospital locks down its network to keep patient data confidential

Few understand how tough it can be to lock down wireless networks better than Stephen Lewack, director of technical services and communications at Columbus Regional Healthcare System. Lewack is protecting a growing number of wireless devices throughout the Georgia hospital, which includes more than 400 in-patient beds, more than 200 long-term care beds, and a pharmacy.

Since 2002, the hospital has been moving away from paper-based processes, instead electronically tracking and sharing patient information such as medical reports, test results, and X-rays. Wireless access to electronic medical records improves the productivity of clinical staff and even the quality of patient care, Lewack says. "People can access the information they need wherever they happen to be," he says.

But that wireless convenience and productivity come with the burden of keeping sensitive patient information secure. "We didn't want to hinder the adoption of these devices by telling [people] what devices they had to use," Lewack says, so one of the first steps he took was to require hospital workers who want to use wireless devices to register them with the technical and communications services office before they use them to access the network.

The ease with which wireless devices such as PDAs, notebooks, and tablets connect to local access points can make it tough to ensure that only authorized devices are granted entry. This, combined with the many attacks that make it possible to snoop on data that's transmitted wirelessly, caused Columbus Regional Healthcare to turn to Fortress Technologies' AirFortress wireless-security gateways to protect its Cisco Systems' wireless infrastructure for more than 1,000 hospital workers.

Why are malicious code attacks and security breaches considered more of a threat this year?The gateways provide several ways to authenticate users to the network, including using passwords and secure wireless encrypted connections. The AirFortress gateways meet the government's rigorous FIPS 140-2 (Federal Information Processing Standards) security-validation program, and maintain compliance with the Health Insurance Portability and Accountability Act, both important factors, Lewack says. The hospital installs AirFortress secure wireless clients on each device. The clients enable the devices to securely connect to the wireless gateways. AirFortress clients support a variety of handheld devices and are easy to manage, Lewack says.

As part of his wireless security program, Lewack also uses wireless security gear from AirDefense Inc., including an intrusion-protection system that helps ensure that rogue wireless access points aren't installed on the network and that also blocks attacks. "Using both provides us a greater level of assurance," he says.

Columbus Regional's wireless network has provided a boost to productivity and patient care, Lewack says. The hospital has more than 110 wireless access points in patient areas now, and dozens more will follow in doctor lounges, cancer conference centers, and other offices.

The market for mobile-device management, including centralized security, is poised to grow to $5 billion by 2010, according to a study released earlier this month by Strategy Analytics. The research firm says the market is currently a tenth that size, but increased complexity and the many different types of devices are driving the need for better management tools.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Remote Work Tops SF, NYC for Most High-Paying Job Openings
Jessica Davis, Senior Editor, Enterprise Apps,  7/20/2021
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Flash Poll