November 2008 | www.healthmgttech.com | Issue 11
Health Management Technology


Transparent Data Loss Protection for Healthcare

By Rod Murchison

Hospital networks have basic data security for HIPAA compliance, but IT administrators often worry about what happens to data after an authorized user gains access. Patient information can be leaked by physicians or other staff using webmail programs, for example, putting the data into non-secure networks where it could be compromised. Data Loss Prevention (DLP) solutions allow hospital IT administrators to monitor the use of sensitive information and block or encrypt it as needed. This makes it possible to enforce HIPAA compliance rules by controlling user behavior – an area where the IT department previously had little or no control.

Hospitals have addressed HIPAA requirements through password and network access controls, but once a user has access to the data there are many ways for security regulations to be breached. Physicians may want to exchange test results or other patient information, for example, and there is nothing to stop them from doing that via web-mail programs. Administrators or nursing staff may want to review files at home by copying them to a USB memory stick or another portable storage device. At this point, the data becomes inherently insecure.

DLP products are designed to prevent the deliberate or inadvertent transfer of sensitive data via e-mail, webmail, ftp, transfers to portable devices, and other methods. The heart of a DLP system is an appliance that connects to the rest of the network via taps to monitor data “in motion” across the network. To monitor and protect data at network endpoints such as desktop or laptop computers, a comprehensive DLP system also includes software agents installed on end-user computers and servers to prevent unauthorized transfers of data to external networks or media.

To set up a DLP system, the IT administrator installs the appliance and registers the hospital’s data by determining precisely what constitutes sensitive data and inspecting the corresponding databases and file servers to find out where that data resides. The administrator then establishes the policies that will be enforced to prevent unauthorized use or transmission of the data.

The DLP system then enforces security policies by monitoring data “in motion” on the network and “in use” at network endpoints. Based on the established policies, the appliance or endpoint agent can then block a data transfer, alert the user to the problem, encrypt the data before transfer, or quarantine the data and alert the IT administrator or department head about the issue.

DLP systems are most effective when they meet the following criteria:

Accurate data registration – The DLP system should be able to identify both structured data such as Patient Health Information (PHI) from a database or spreadsheet and unstructured data such as sensitive peer review documents. To do this, it must support a variety of data characterization methods, including database fingerprinting, pattern matching, pre-defined lexicons, dictionaries, regular expressions, and document classes. With a full complement of data registration tools, the IT administrator gains better control and also reduces false positives that waste IT staff time.

Network-wide data identification – The system should use a combination of appliances and endpoint agents to locate and block transfers of sensitive data anywhere on the network.

Policy-based enforcement – The DLP solution should make it relatively easy for IT administrators to translate hospital security policies into logical security controls that simplify how protection is implemented for different users, user groups, types of data, and network locations.

Centralized monitoring and management – To minimize the use of IT resources, the DLP system should be centrally managed from a single console, regardless of how many appliances or endpoint agents are in use.

End user remediation – The system should support a tiered system of end-user remediation, ranging from notifying end users about a policy violation and allowing them to self-correct the issue to blocking transfers and alerting department heads or IT staff.

Non-disruptive operation – The DLP system should perform its function without reducing network response times or interfering with end-user activities.

Integrated e-mail encryption – The DLP system’s appliance should either incorporate an e-mail encryption engine or integrate with a discrete encryption server. For ease of deployment, the system should integrate with web-based e-mail encryption services from companies such as Cisco, Voltage Security, and ZixCorp.
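
The data registration and policy-based enforcement criteria above can be sketched in Python. This is an added example, not code from the article or from any DLP product: it combines database fingerprinting, a regular-expression pattern and a lexicon, then maps the evidence to a block, encrypt, quarantine or notify action. The key, the registered record, the lexicon and the channel-to-action policy are all constructed assumptions.

```python
import hashlib
import hmac
import re

# Constructed sample data: key, registered record, lexicon and policy are assumptions.
FP_KEY = b"constructed-demo-key"
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
TOKEN_RE = re.compile(r"[A-Za-z0-9-]+")
LEXICON = {"diagnosis", "biopsy", "oncology", "hiv"}

def fingerprint(value: str) -> str:
    """Keyed hash of a normalized field, so the index holds no cleartext."""
    norm = value.strip().lower().encode()
    return hmac.new(FP_KEY, norm, hashlib.sha256).hexdigest()

def register(rows):
    """Data registration: fingerprint every sensitive cell of the source rows."""
    return {fingerprint(cell) for row in rows for cell in row}

def inspect(text: str, index: set) -> dict:
    """Characterize outbound content with three of the methods named above."""
    tokens = TOKEN_RE.findall(text)
    return {
        "fingerprint": sum(fingerprint(t) in index for t in tokens),
        "pattern": len(SSN_RE.findall(text)),
        "lexicon": sum(t.lower() in LEXICON for t in tokens),
    }

# Policy: action per channel once content is confirmed as sensitive.
CONFIRMED_ACTION = {"email": "encrypt", "webmail": "block", "usb": "block"}

def decide(channel: str, hits: dict) -> str:
    # A registered value, or a pattern hit in clinical context, counts as confirmed.
    if hits["fingerprint"] or (hits["pattern"] and hits["lexicon"]):
        return CONFIRMED_ACTION.get(channel, "quarantine")
    if hits["pattern"] or hits["lexicon"]:
        return "notify"  # weaker evidence: let the user self-correct
    return "allow"

INDEX = register([("MRN-0048213", "123-45-6789")])  # constructed record

def enforce(channel: str, text: str) -> str:
    """Inspect one outbound transfer and return the policy action."""
    return decide(channel, inspect(text, INDEX))
```

A number that merely looks like an SSN triggers only a notification, while a value that matches a registered fingerprint is blocked or encrypted; this is how a fuller set of registration methods cuts false positives.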

Naturally, DLP systems should also be evaluated in terms of ease of deployment and cost of ownership. Early DLP systems required multiple servers, for example, while newer ones handle all functions within one appliance.

Every IT administrator knows that user behavior is one of the most difficult things to change, and this is particularly true in hospitals where physicians and staff are carrying out critical work. Data loss prevention systems allow hospitals to plug the holes in their data security infrastructure by enforcing policies whenever sensitive data is used, and without relying on end users to do it.

Rod Murchison is the Vice President of Marketing & Strategic Alliances at Code Green Networks. Rod has more than 17 years of experience building industry-leading security and networking solutions and has held executive-level management positions at NetScreen Technologies, Juniper Networks (NASDAQ: JNPR), Ingrian Networks, CacheFlow (NASDAQ: BCSI) and Newbridge Networks (NYSE: ALA). Rod holds a Bachelor of Science degree in Industrial Engineering from Penn State University.

Vendor Connection

PACS/RIS/Diagnostic Imaging

Electronic picture archiving and communication systems (PACS) provide economical storage, rapid retrieval of images, access to images acquired with multiple modalities, and simultaneous access at multiple sites. A PACS consists primarily of an image acquisition device, image storage devices, transmission network, display stations (which include a computer, text monitor, image monitors, and a user interface), and a radiology information system (RIS), a computer system that assists radiology services in the storing, manipulation and retrieving of imaging information. The introduction of client/server computing, improved digital imaging and computer network technologies, along with the advancement of the DICOM and HL7 standards, have put RIS alongside PACS as an ideal solution for managing radiological images.

eNews

Texas Implements Foster Child EMR Program

The Texas Health and Human Services Commission (HHSC) has implemented an online Health Passport program, which provides more than 30,000 foster children with automatically updating electronic records that can follow them to a new home.

Health IT Assessment Report

The Agency for Healthcare Research and Quality (AHRQ) has released its latest evidence report and technology assessment through its Evidence-based Practice Centers.

Intel Health Guide Trials

After receiving U.S. Food and Drug Administration Type 2 certification in July of this year, chip maker Intel Corp. formally announced trials will begin of its Intel Health Guide — a customized PC which utilizes the company’s motherboard and software to monitor vital signs and deliver health services to elderly patients managing chronic health conditions.

HHS Secretary Praises AHIC

As the American Health Information Community (AHIC) formally concluded its work to coincide with the creation of AHIC Successor, Inc., Health and Human Services Secretary Mike Leavitt reflected on the organization's successes since its inception in 2005.

2008 by Nelson Publishing, Inc. All rights reserved. Reproduction Prohibited. View our terms and Privacy Statement.
