From February 29th through March 4th the healthcare industry’s leading IT and security professionals will arrive in Las Vegas for the 2016 HIMSS conference to discuss how they can best support their healthcare organizations as they strive to provide better health outcomes for their patients. Protecting patient data is critical in order to achieve this goal, and keeping highly sensitive information safe and confidential should be the top priority of every CIO and CISO in attendance – particularly after the “year of the healthcare breach.”
Many of the world's most innovative healthcare organizations require proven solutions that can secure PHI while permitting authorized data sharing among healthcare providers and their patients. The top data protection capabilities required by today’s healthcare organizations include:
The ability to analyze potential risks to electronic PHI
- Discover PHI stored on laptops, workstations, and servers that are unencrypted
- Measure PHI being emailed out of your organization
- Detect PHI being transferred out of your organization in unencrypted FTP
- Audit PHI being copied to USB devices or burned to CDs or DVDs
- Track and control PHI in, or being uploaded to, the Cloud
- Specialized connectors to Cerner, EPIC, Meditech, GE Health Systems, McKesson
- Specific healthcare code sets as built-in dictionaries to prevent patient data from inadvertently leaving the organization
- A multi-purpose software agent, installed on an endpoint, that provides continuous system, network, account, and data-level visibility and control to solve compliance, data protection and advanced threat protection use cases
The capability to train workforce members on security policies
- Prompt a user for justification when PHI is copied to USB storage devices
- Notify a user when a file containing PHI is attached to an email leaving your organization
- Notify an administrator of risky activity, such as a file containing PHI being copied to an unprotected share or a potentially sensitive file being uploaded to the Cloud
The ongoing ability to assess security policies
- Inspect every email and web transaction for the presence of PHI
- Measure effectiveness of other controls by monitoring where PHI is moved once it leaves your central EHR system
- Get daily, weekly, and monthly reports measuring incidents of interest and potential loss trends
One key solution that has helped hospitals protect their PHI is data loss prevention (DLP). DLP solutions enable healthcare organizations to protect and manage regulated and other sensitive digital information across their networks, whether local, remote, mobile or in the cloud. And given that modern healthcare security professionals frequently grapple with constrained budgets and tight resources yet are still expected comply with various state and federal regulations, today’s advanced DLP solutions and managed services for DLP enable healthcare IT professionals to quickly implement an effective security program.
Want to learn more about how advanced data protection solutions can help healthcare organizations secure sensitive data from today’s threats while meeting compliance requirements? Join us at the HIMSS Conference in booth #9908-7 to discuss your data protection needs, get customized demos of the Digital Guardian Data Protection Platform, and grab some cool giveaways, including the chance to win an Amazon Echo. For the latest discussion around cloud security for the healthcare industry, don’t miss CTO Mark Menke’s speaking session, 7 Steps for Preparing to Move Patient Data to the Cloud.
Doug Bailey is chief strategy officer at Digital Guardian.