Getting The Balance Right Between Security, Governance, Healthcare, and Usability

One laptop is stolen every 53 seconds. Seventy million smartphones are lost each year, with only 7 percent recovered.

The statistics are scary, yet most of us hang on to the “not us” belief as we go about our busy days.

We read the stories. We know we should take security more seriously. But there are only so many hours in the day. We put it off indefinitely, hoping we’re never included in the statistics.

Yet security doesn’t have to be complicated. Today’s devices come with enough built-in protection to thwart a great deal of criminal activity. If your device is protected with a security code of “123456,” a criminal will pass security in seconds and start gathering whatever they desire. If your device uses full disk encryption with a strong cipher, the criminal may become bored and move on to easier prey.

Security is everyone’s job. We all have to be on our toes, conscious of how we handle our devices and data. Or pay the price. And for anyone with healthcare data easily accessible on their device, the cost can be catastrophic.

No matter how big or small your practice is, successful security implementation includes:

  • Understanding regulatory security requirements.
  • Identifying risks your systems may be exposed to.
  • Communicating clearly with everyone on your team.
  • Providing regular user training.
  • Embracing best practices by using a framework such as those from the National Institute of Standards and Technology (NIST) or the Center for Internet Security (CIS).
  • Vetting vendors and partners carefully.

As a healthcare provider, it also means stepping up security to ensure protected health information (PHI) is handled according to the requirements set by HIPAA. Adopting an approach such as zero trust can help mitigate security risks on connected devices.

As you identify weaknesses and establish guidelines, be aware of how every individual approaches the data. Patients, team members, management, even vendors may all need access, yet use the data differently. The more you understand about accessibility, the more you can create policies and procedures to lower risk.

This is a balancing act. Don’t try to do it on your own. A knowledgeable security team can offer you assurance you can’t get by piecing it together yourself.

In general, everyone is moving in the same direction. We all want the same thing: to provide quality healthcare to the greatest degree possible. If holes exist, they open up opportunities for those who want to take advantage of the weaknesses within the system.

In healthcare, the needs of the patient surpass security. Yet IT runs a close second, ensuring safety is a part of the process.

Does your security policy do all of that?

For IT Strategy, Cloud Conversion, or Help Desk Services, reach out to us at Silver Linings Technology: 360-450-4759.