Healthcare organizations are struggling to protect private health information and encounter a number of challenges.
Proper security is difficult to maintain when a large number of people need access to patient records, in order to do their jobs. Frequently, some of these employees are temporary or visiting from partner organizations.
Moreover, many healthcare organizations have valuable data on a variety of devices. These mobile devices should be encrypted and have the ability to clean devices when lost. According to a report by Bitglass, since 2010, 68% of all healthcare breaches were due to theft or loss of devices.
Furthermore, healthcare organizations also have specialized medical equipment that cannot be easily scanned for malware because they are closed systems. According to Carl Wright, general manager at TrapX, the specialized medical equipment are FDA certified systems, so they cannot have additional third party software installed.
In order to help combat breaches, the HiTrust Alliance has created a security framework that incorporates recommendations from NIST, HIPAA and other regulations into one framework. According to HiTrust CEO, Daniel Nutkis, approximately 80% of hospitals and insurance companies use its framework. HiTrust is also aiming to reduce the costs of cyber insurance for organizations that have good security practices in place.
Written by Caroline Smith
To read more from Caroline click here
To read more from www.CSOonline.com click here
Caroline Smith is currently a senior at the University of Notre Dame and is a contributor to Medical Groups. She is majoring in Science-Business and Spanish. After graduation, Caroline plans on entering the field of healthcare consulting. She is most interested in the evolving policy changes in the healthcare industry and enjoys learning about new technologies that are being developed.