NEW YORK, Feb. 9, 2017 /PRNewswire/ -- With HIMSS17
scheduled for February
19th through 23rd in Orlando, the annual conference will bring
together more than 40,000 health professionals, clinicians,
executives and vendors to address issues, concerns and new
approaches toward improving the health sector, and security will be
one of the leading topics of discussion. Cybersecurity has
become an area of great interest in the health sector and a top
priority for healthcare CIOs. With over 100 data breaches among
healthcare organizations in the past year alone, industry experts
estimate the cost for lost records in 2016 was nearly $3 billion.1 While all breaches
are not directly related to the electronic health record (EHR) or
billing systems, that's where cybercriminals tend to go first to
acquire valuable patient data. According to Logicalis
Healthcare Solutions, the healthcare-focused arm of Logicalis US,
an international IT solutions and managed services provider
(www.us.logicalis.com), there are key aspects of securing patient
information within the EHR and across the healthcare network that
must be addressed holistically. To help jumpstart that
conversation, the healthcare security experts at Logicalis have
outlined five of the top security issues quickly becoming
top-of-mind among healthcare CIOs.
"We need to balance ease-of-use and ease-of-access to patient
data with the ability to secure this information not just within
the health entity itself, but across all member health
organizations that support it. Understanding data flow and system
connectivity is key," says Ed
Simcox, Healthcare Practice Leader, Logicalis Healthcare
Solutions. "As a result, healthcare CIOs must take a holistic,
collaborative and consultative approach to security – examining the
systems and human interaction of patient information throughout its
entire lifecycle."
"You have to take an architectural approach to healthcare
security looking at the whole organization and all data interaction
points, not just the sum of its parts," says Ron Temske, Vice President, Security Solutions,
Logicalis US. "Don't fall prey to buying disparate
best-of-breed solutions which are often deployed in isolation.
Without proper integration and sharing of actionable threat
intelligence, you won't have an effective holistic view of your
security."
Five Top Security Issues for Healthcare CIOs
Cybersecurity is one of the most important issues healthcare IT
professionals face today. Below are the five security topics
expected to top HIMSS17 conversations. Logicalis Healthcare
Solutions suggests healthcare CIOs open an internal dialogue,
explore questions with colleagues and engage an experienced
solution provider who understands the complexities of security and
healthcare IT. Taking a proactive approach to complex issues will
ensure healthcare IT leaders ask the right questions and implement
effective strategies to avoid costly breaches before they
occur.
- Securing EHR Environments: Today's top electronic health
record (EHR) providers – companies like Epic, Meditech and Cerner –
offer very clear guidance to hospitals regarding the architecture
of their computing environments. These prescriptive
guidelines, while created to ensure the functionality of the EHR
solution, can also constrain the healthcare CIO from enhancing
security to protect the patient information contained within the
EHR system. The burning question on many healthcare IT pros' minds,
therefore, is how to secure an EHR application and its associated
data without interfering with or degrading the application itself.
To build an effective data perimeter that works in cooperation with
these top vendors' EHR applications, healthcare CIOs may need an
experienced solution provider's help.
- User Authentication: Think of the sheer number of users
that legitimately log on to a hospital's wireless network daily –
patients, family members, visitors, physicians, subcontractors
(i.e., visiting surgeons, for example) – extremely high volumes of
network traffic to monitor. Which is better – knowing that "Guest
321" has just entered a secure area or that "John Smith" has entered it? Taking the issue of
authentication a step further, since hospitals often have computing
terminals in every patient room, if a doctor logs into the EHR
system to upload patient notes, but forgets to log out, protected
health information becomes easily penetrable by cyber adversaries
as well as well-meaning patients, their family and guests.
Single-sign-on solutions with scheduled timeouts is an example of
an effective tactic to help resolve these concerns.
- Preservation of Identity: While authentication is
critical, so too is the preservation of user identities. With the
virtual desktop infrastructure (VDI) hospitals typically use in
their EHR environments, user identity can be difficult to capture
and audit. Solutions exist, but if the IT professional delivering
the EHR implementation is not familiar with possible security
protocols that can preserve the identity of users throughout the
system, these safeguards won't be enacted.
- Proliferation of End Points: In a hospital setting,
there are a myriad of computing devices in play – desktop and
mobile computers, tablets, smartphones – any of which can be used
to deliver malware or even ransomware into the host network. The
key is to gate access and deploy tighter controls on what users can
see, how they are authenticated and what policies are deployed if a
device is lost or stolen.
- Internet of Things: One of the newest challenges for
healthcare CIOs is the vulnerability inherent in connecting to
Internet of Things (IoT) devices; any piece of medical equipment
with a built-in operating system – even if it doesn't have patient
data stored on it – can become a "zombie" used for nefarious
purposes by a would-be attacker. This challenge is similar to
the EHR security issue in that IoT devices are often too small for
a security software agent to be loaded onto the device requiring
the healthcare CIO to consider a protective data barrier around the
organization's IoT infrastructure.
1 Modern Healthcare, January 20, 2017; "Vital Signs: How America's
Youth is Key to Fixing the Sad State of Cybersecurity."
Want to Learn More?
- Is it time to step up your security game? Don't be held hostage
by ransomware; read these 10 tough security questions every CIO
must be able to answer.
- Managing a comprehensive security solution can overwhelm an IT
department with a continuous swarm of alerts – find out how managed
security services can help: http://ow.ly/fZzA308y6Xl.
- Logicalis has nearly two decades of experience helping
healthcare CIOs tackle their toughest IT challenges; read our most
recent healthcare and security news to learn more, then visit the
Logicalis Healthcare Solutions website here:
http://ow.ly/SHSX308y7eh.
About Logicalis
Logicalis is an international multi-skilled solution provider
providing digital enablement services to help customers harness
digital technology and innovative services to deliver powerful
business outcomes.
Our customers cross industries and geographical regions; our
focus is to engage in the dynamics of our customers' vertical
markets including financial services, TMT (telecommunications,
media and technology), education, healthcare, retail, government,
manufacturing and professional services, and to apply the skills of
our 4,000 employees in modernizing key digital pillars, data center
and cloud services, security and network infrastructure, workspace
communications and collaboration, data and information strategies,
and IT operation modernization.
We are the advocates for our customers for some of the world's
leading technology companies including Cisco, HPE, IBM, NetApp,
Microsoft, VMware and ServiceNow.
The Logicalis Group has annualized revenues of over $1.5 billion from operations in Europe, North
America, Latin America and
Asia Pacific. It is a division of
Datatec Limited, listed on the Johannesburg Stock Exchange and the
AIM market of the LSE, with revenues of over $6.5 billion.
For more information, visit www.us.logicalis.com.
Business and technology working as one
To learn more about Logicalis activities through a variety of
social media outlets, click here.
Media contacts:
Karen Franse, Communication Strategy
Group for Logicalis US
kfranse@gocsg.com
866-997-2424 x222
www.gocsg.com
Arthur Germain, Communication
Strategy Group for Logicalis US
agermain@gocsg.com
866-997-2424 x101
www.gocsg.com
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/logicalis-healthcare-solutions-focuses-on-top-five-security-issues-expected-to-dominate-cios-himss17-conversations-300403445.html
SOURCE Logicalis US