No hard drive means no data loss

December 27, 2006

In December 2005, a thief broke into a University of Washington Medical Center building and stole two laptop computers, each containing confidential patient information. In April 2006, Willamette Open Imaging in Salem, OR, was robbed of all computer hardware.

In December 2005, a thief broke into a University of Washington Medical Center building and stole two laptop computers, each containing confidential patient information. In April 2006, Willamette Open Imaging in Salem, OR, was robbed of all computer hardware.

These are just two examples of how healthcare facilities are perpetually at risk of a breach in data security, in potential violation of the Health Insurance Portability and Accountability Act.

The risk increases as data become more portable. Laptop theft is a leading culprit. According to the Privacy Rights Clearinghouse, one-third of all reported data breach events in 2005 were related to stolen laptops. The U.S. Commerce Department disclosed in October that 1137 of its laptops had vanished since 2001 - almost one per day.

One solution is thin-client technology. A thin client is a network-attached computer without a hard drive. All data that normally would reside on the PC reside on a secure server located elsewhere. If no patient data exist on the hard drive, then no patient information can be lost or compromised if the laptop disappears. HIPAA is served.

A number of hospitals have embraced thin-client technology. When Baptist Healthcare System, a five-hospital chain in Kentucky, decided to consolidate five business offices across the state into one, the IT department chose a thin-client solution. It not only was secure and reliable but also easy to manage. With this architecture, the user's traditional desktop PC is replaced with a thin client that connects one to one with a dedicated PC blade in the data center. Blades are self-contained computer servers designed for high density.

A resource tier of mass storage, network printers, application servers, and other network resources also resides inside the data center.

"Today's thin clients provide user-friendly Windows experience with totally secure access to patient records," said Paul Mancine, marketing vice president of Devon IT, an information technology company.

Since the idea is to limit the capabilities of thin-client computers to only essential applications, thin clients tend to be purchased and remain "thin" in terms of the client applications they include.

As software as a service gains popularity, Mancine expects thin clients to begin replacing desktop PCs in work and educational environments.

In general, thin clients are also less vulnerable to malware attacks, tend to have a longer life cycle, use less power, and are less expensive to purchase since they come without a hard drive.