June 27, 2014
Wired published an article this week with unnerving news — many hospitals are not properly securing their systems and in turn, exposing sensitive data and devices to hacking opportunities.
Researchers, Erven and Shawn Merdinger, an independent health care security researcher and consultant, examined the security of hospital networks and found that many hospitals are leaking valuable information to the internet. The cause in some cases was a result of network administrators enabling Server Message Block (SMB) on computers facing the internet and configuring it improperly, broadcasting sensitive data and leaving critical systems and equipment vulnerable to hacking.
Proper installation of systems and processes must be a priority in order to avoid compromising secure data and devices in hospitals. It’s a good practice to assess your IT operations and ensure that you have a plan in place, in case your data is compromised. This week, we published a report on how to perform a risk analysis and use that analysis to create a risk management program. This is a good place to start when assessing the security of your IT operations.
The growth of IT demands and regulatory requirements are making it difficult for CIOs to keep up with the technologies that are demanded by their organizations. According to an article in Becker’s Hospital Review, many CIOs are making difficult decisions when it comes to new and existing IT investments. In some cases, this process is a positive one, weeding out the waste, and optimizing systems and processes, in others, it’s possible that corners might be cut or poor decisions might be made in regards to prioritization.
In these situations it’s important to consider the value of your IT systems. This is a topic our COO, Jim Griffith, recently spoke about on our blog — maintaining a focus on the true end game of IT investments — Value.
We always love a good infographic. Datascience@berkeley published an “Electronic Health Records & the Data of Health Care” infographic that explores the progress of health care data, the difference between electronic medical records and EHRs, which states and practices adopted electronic systems, and what the future of the digital health industry looks like.