Election Hacking, Yahoo, and Healthcare – what do they have in common?
January 5, 2017
Jerry Rankin, Strategy Director, Healthcare Interoperability
As we wrap up 2016 it seems not a day goes by without revelations of cybersecurity failures in healthcare and recommendations for guarding against them.
These are matched by a constant stream of news regarding cybersecurity failures elsewhere in our daily lives including electoral politics and social media .
What do these have in common? The basics.
I am talking about basic failures, including common phishing attacks, or leaving file sharing applications on servers holding sensitive data. Or in healthcare perhaps, leaving sensitive data unencrypted with loosely controlled access.
As the article above points out, even basic precautions are well known but not consistently implemented. Among them:
- Conducting a thorough security risk analysis.
- Encrypting sensitive data at rest and in transmission.
- Restricting access to sensitive data.
- Enabling detailed logging and auditing of all access to data and the systems controlling that data.
These basic precautions apply not only to the big targets such as the patient record of the EMR application, but also to the interoperability “middleware” that manages the flow of that data from laboratory and radiology and registration to the EMRs and other systems across and outside of the healthcare enterprise.
As an interoperability services market leader, Infor Cloverleaf has long offered advanced capabilities to cross those precautions off the to do list – to lock down access to the data, to encrypt data at rest and in transit, and enable thorough logging and auditing of all access. Going into 2017 we encourage the industry to leverage those capabilities and keep all healthcare data more secure.
- North America