Now that security and privacy of patient-specific health information are focal points of hospital administration, a sense of urgency affects recruitment of IT security officers and implementation of new security schemes. Qualified IT security talent
Now that security and privacy of patient-specific health information are focal points of hospital administration, a sense of urgency affects recruitment of IT security officers and implementation of new security schemes.
Qualified IT security talent isn't that easy to find, however. Some security experts believe hospitals are taking huge risks by transferring current IT employees into security roles unprepared and unqualified, said Markus DeShon, Ph.D., of SecureWorks, an Atlanta-based company that designs software to protect corporate networks from hackers.
"One of the biggest mistakes companies make is giving the job of IT security to the system administrator, rather than building a dedicated security team," DeShon said.
He suggests that companies often focus too much on hardware and not enough on the expertise of the people protecting the networks.
As if the Health Insurance Portability and Accountability Act alone weren't enough to sharpen healthcare security concerns, the attacks of Sept. 11 have given the entire U.S. economy cause to reflect on just how vulnerable their networks are to cyber penetration, said Tom Turner, vice president of marketing for OKENA, an intrusion prevention company.
Mere intrusion detection is no longer adequate. Prevention technologies that protect IT systems from inappropriate or malicious behavior represent the next frontier for the security industry.
"The security industry has spent 10 years building hundreds of companies that offer detection," Turner said. "We need prevention, especially in the post-Sept. 11 world. Prevention has to be the security industry's mantra."
Defense in depth is the key to securing digital patient data, according to Turner. It is not just the servers in which the data reside that need securing, but also the desktops and laptops that grant access to this information.
"It is also important to provide security that does not rely solely on user authentication," Turner said. "If these controls are bypassed and administrator privileges are granted, then all the data within the system are at risk."
Security officers need technologies that can define how applications can be used and what they can access in order to provide security for data even if someone achieves administrator privilege.
"We see numerous attacks that are not stopped through traditional means," said Pete Lindstrom, director of security strategies for the Hurwitz Group.
This trend is expected to continue. Seeking a proactive solution to prevent attacks instead of reacting after they hit presents a tremendous cost savings for information security budgets, he said.
Emerging Perspectives on PSMA PET Radiotracers: An Interview with Kenneth J. Pienta, MD
April 24th 2024In a recent interview, Kenneth J. Pienta, M.D., discussed the impact of piflufolastat F18, current directions in research with other PSMA-targeted radiotracers and future possibilities for the role of PSMA PET in the imaging paradigm for prostate cancer.
Study Reveals Benefits of Photon-Counting CT for Assessing Acute Pulmonary Embolism
April 23rd 2024In comparison to energy-integrating detector CT for the workup of suspected acute pulmonary embolism, the use of photon-counting detector CT reduced radiation dosing by 48 percent, according to newly published research.