As mobility continues to increase its presence within various verticals, the healthcare industry has jumped on board, arming doctors and nurses with the latest in mobile technology. While these devices have helped in many areas, from logistics to managing patient data, their ability to keep sensitive information under wraps has been called into question. This was one of many talking points discussed at OACCAC 2015.
“These devices are quick to enhance and deploy, but they must be enterprise-grade,” said Guy Fortin, chief architect for the Ontario Association of Community Care Access Centres. “They are easy to integrate with other systems or apps, yet clinical health records are a very complex structure.”
People who are new to security are eager to learn how it functions. Some like to take this a step further by hacking into a computer or website to showcase their knowledge about hacking, and how to combat it. But at Bosco Chan, chief privacy officer for OACCAC explained, there is no specific trick or shortcut for hacking.
“I always compare security programs to magic. Any newbie that wants to pick up magic first wants to learn how to do tricks. For example, how do they go about making a coin disappear?” he said.
“Security is kind of the same. When it comes to security, the first thing the newbies want to learn is how to (perform) a hack,” continued Chan. “But for me, security is not about that one hack or trick. If I had to sum it up in one word, I would choose the word structure.”
Despite the wealth of benefits and protection it provides, healthcare providers often face a steep uphill battle when it comes to the implementation and management of security processes. Chan believes that the best way for this industry to approach security is to have a team of allies along for the ride.
“You need to have some buddies to help you fight the uphill battle of security. You need to build an alliance with these people, and you should probably meet with them once per quarter,” he said.
“When you do, you should talk about what the emerging threats are, and what is the status of the security programs you have in place. Let them provide you with guidance and approve your policies.”
Many security gurus branded 2014 as the Year of the Security Breach, and statistics revealed by John McClurg, chief security officer for Dell align with that belief. According to the numbers, nearly three quarters – 73 per cent – of organizations said that they experienced security breaches last year. McClurg added that researchers at Georgia Tech find 100,000 new malware samples daily, and that only 19 per cent of these are detected by antivirus software.
New ways to ward off threats are constantly being released, each with their merits. But they can’t operate by themselves. The healthcare industry often lacks qualified digital security professionals, but as McClurg clarified, steps are being taken by educational institutions to solve this problem.
“The lack of resources has been identified by universities, and it’s become like a business. When businesses identify a need, they’re going to fulfill it,” he said. “I think universities, both in Canada and the United States, acknowledge that deficiency and are promoting that as a program, just as they would with any other business.”
The primary issue with finding and cultivating this new talent is that it’s not happening at a rapid enough pace for the healthcare industry.
“I see that happening, but for those of us in the trenches right now, it never happens at a cadence as fast as we’d like to have it happen,” McClurg said.
“This is what pushes us into a world where traditional boundaries for delineated interests, including those boundaries that tell you where you might find talent you can use,” he continued. “(Organizations) need to start expanding their field of search to include markets that perhaps they haven’t looked at before, and start leveraging the opportunities that exist there.”
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…