From the March 2015 issue of HealthCare Business News magazine
Certified health care security and privacy consultants can help if an institution does not have the time or expertise to take on the security review and roadmap. There are also excellent resources such as those published by the United States National Institute of Standards and Technology, (NIST) that recommend ways to evaluate and secure information technologies. Many of the mitigation steps are common sense, yet often ignored. Simple steps include removing default passwords such as ‘admin’ and adding encryption and strong authentication.
A security stronghold: cloud-based health data management
Until fairly recently, most medical devices have been managed within local hospital departments. In order to improve consistency and reduce costs, current trends are moving toward more centralized IT management of medical device data.
A growing number of hospitals don’t want to take on this responsibility in-house, as it puts further pressure on already strained IT personnel. Accordingly, many organizations have migrated to cloud-based medical device data repositories, where patient health information (PHI) is encrypted and kept safe behind the data center firewall, and organizations are able to more easily comply with constantly changing regulations.
The cloud service provider takes on the responsibility for operational requirements, including management and maintenance of the IT infrastructure. Needed security patches and upgrades that often go unperformed in organizations with disjointed systems and facilities are now regularly scheduled, along with other proactive security measures.
There’s also the additional advantage of hosting data in “the cloud” — or online — as clinicians frequently need 24/7 access to a patient’s data from multiple locations, not just during their shifts at the hospital. Hackers with intent to harm a patient — or a hospital or medical device company’s reputation — can use unsecured medical devices as an access point. However, with the right cloud service partner, hospitals can manage costs, improve patient outcomes, and rely on the increasing interoperability of medical device data as a power for good, not evil.
About the author: Scott Whyte, senior vice president of Growth & Innovation at ClearDATA, is a veteran health IT leader, with more than 25 years of experience serving some of the nation’s largest providers and payors. At ClearDATA, he is responsible for driving innovation, growth, and strategic partnerships. Previously, he was vice president of IT at Dignity Health and vice president and CIO at Phoenix Children’s Hospital.
Back to HCB News
