"I fear the day when your security requirement kills one of my patients," said a medical practitioner to the security professionals proposing improved security for the clinical information system. Every security professional is familiar with the challenge of deploying strong security practices around enterprise information systems, and the skepticism of well-intentioned yet uncooperative stakeholders. At the same time, security solutions can be cumbersome and may actually affect patient outcomes.
Information technology (IT) has great potential to improve healthcare, promising increased access, increased quality, and reduced expenses. In pursuing these opportunities, many healthcare organizations are increasing their use of mobile devices, cloud services, and Electronic Health Records (EHRs). Insurance plans and accountable-care organizations encourage regular or even continuous patient monitoring. Yet The Washington Post found healthcare IT to be vulnerable and healthcare organizations lagging behind in addressing known problems.9 Recent breaches at two major health insurance companies1,7 underscore this point: the healthcare industry moves toward automation and online records, yet falls behind when addressing security and privacy, ranking below retail in terms of cybersecurity.3
No entries found