Healthcare IT Teams Prepare for Shark Attack at HIMSS17

IT Shark Attack

Information security will be a hot topic at HIMSS17 next week in Orlando.  Global information security specialist Robert Herjavec, who will co-lead a keynote session with fellow Shark Tank star Kevin O’Leary, is bullish on big opportunities in health care but noted that new technologies bring new vulnerability and threats. Much like a school of sharks surrounding its prey, security threats loom over hospitals and health systems in the form of breach, malware, fraud, theft and loss among other cybersecurity risks.

In a recent article in Healthcare IT News, Herjavec says: There are significant information processing requirements and investments made each year, and it can be difficult to keep them all up-to-date, patched, and refreshed. This is partly due to the technology push into medical treatments, and partly due to constant pressure to keep non-clinical costs down. The result is a higher-than-average legacy “debt” of outdated systems, unpatched operating systems, and older browsers.

We often see exactly what Herjavec is describing as hospitals and ambulatory centers focus on updating their go-forward EHR system, yet struggle, or worse yet – don’t take any action on what to do with legacy clinical and operational systems that are dragging down performance and also pose security risks. It is important to remember that legacy data must adhere to privacy and security policies just like any other system or network.

“In today’s connected electronic environment, healthcare organizations are big targets for phishing attacks, ransomware attacks and unauthorized third-party network hacking,” says Rick Adams, Vice President of IT and HIPAA Privacy and Compliance Officer at Harmony Healthcare IT. “IT teams need to be prepared like never before. It’s not a matter of “if” there will be an attack, but “when” — and the entire organization needs to be trained to be on-guard and prepared.”

Read more from Rick Adams in his blog post: How One Click Could Shut Down Your EHR.

Many organizations are moving forward with an archive as an integral part of their clinical data management strategy. Health Data Archiver is positioned to support a secure enterprise-wide legacy data management effort, which is especially helpful if your organization is experiencing any of the following common business situations:

  • Merger & acquisition
  • Vendor consolidation
  • Vendor or product dissatisfaction
  • Product sunsets
  • Facility closure/relocation
  • Provider retirement/death

With a solution like Health Data Archiver, your healthcare organization will have a single, secure, vendor-neutral system for quick access to legacy data when needed. This eliminates the need to keep out-of-production systems running as well as the need to keep staff trained on how to use them. There is an obvious cost savings too since if legacy systems are not decommissioned, the maintenance costs continue to build and historical data would potentially remain segmented in disparate legacy systems.

In terms of information security, there are benefits to an archive:

Health Data Archiver System Administration and Security Features

  • User Security (Role-based) – View/print/export by user roles (i.e., MD, psychiatrist, HIM, etc.), LDAP groups and/or data source.
  • User & Activity Audit Log – Captures activity from login to logout. Date and time stamps access and activity logs for audits/ reporting.  Logs produced are compatible with 3rd party audit software such as P2Sentinel and FairWarning.
  • Data Encryption – Industry-standard encryption. Data accessed only through the user interface. Data at rest is encrypted per National Institute of Standards and Technology (NIST) guidelines.
  • Security Assertion Markup Language (SAML) Single Sign-On – An XML-based, open-standard data format for exchanging authentication and authorization data between parties. This technology allows for the integration into an EHR browser for seamless navigation between the EHR and the archive.

Our Health Data Archiver team of clinical and ERP data archiving experts is ready to demo how this industry leading archive can help your healthcare organization preserve needed records in a secure and easily accessible format.

We’ll help you navigate your sea of clinical data . . . like a shark.

Harmony Healthcare IT is a FairWarning Ready Healthcare Data Industry Partner.

FairWarning® is a registered trademark of FairWarning, Inc.

Feb 17 2017

Ready to learn more?

Contact us today to learn more about our healthcare data management solutions.

First Name *
Last Name *
Email *

Healthcare IT tips, guides, news & more delivered to your inbox

Sign me up