This page contains a Flash digital edition of a book.
that a hospital won’t have to sweat too much about employee noncompliance.


Continuous Continuity Instead of just having a disaster


response plan, Hagerman argues that hospitals should focus on how to keep their operations up and running. “A lot of what we’ve put in place is designed to keep us in operation regardless,” said Hagerman. “I’ve found that companies that address those issues suffer fewer problems. They’ve already engineered and planned their way around [problems], so when they happen, it really isn’t a big deal.”


Security Is a Full-Time Job With the variety of cloud systems


and IT infrastructures available, just who is responsible for what? Hagerman said that while a vendor may handle certain aspects of keeping data safe and systems online, that doesn’t let a hospital fully off the hook. “You need to clearly understand what you are responsible for and what your vendor is responsible for. Have mechanisms


IMAGES © BLINKBLINK, RAZLOMOV / FOTOLIA CONNECTION/HEALTHCARE IT 2013.Q1 25


in place for monitoring things.” Hagerman said that one of the biggest ways to achieve this is to “understand what you’re buying” with regards to what services vendors offer, how to make sure they’re holding up their end of the deal, and what the client still needs to be responsible for. One tool to help is the Cloud Security Alliance, a new organization that is trying to make cloud services—and what they offer— transparent so that prospective clients can make better-informed decisions. On the local end, Hagerman stresses that security is a full-time job. From developing, training employees on and implementing security procedures, auditing third party vendors, and maintaining onsite technologies, skipping out on security details only comes back to bite organizations in the long run.


Embrace Mobility The strength of mobile devices’


flexibility and ubiquity makes them potentially red-hot from a security perspective. Luckily the


healthcare industry has pushed for better advances in mobile device management (MDM). Mobile devices are getting easier and more secure— so long as certain steps are taken, said Hagerman. “Have a good access management program. Authenticate doctors. Use MDM to be able to either require that data access is locked down, or make more of the apps available through secure browsers.” Further advances, such as apps storing information in secure spaces on the device that can be individually wiped, and basing more applications in restricted Web-only formats, help address many potential security concerns posed by mobile technology, he added.


ABOUT THE AUTHOR


Benjamin Harris is a New Media Producer, writing Web-first content for Healthcare IT News and managing social media for Healthcare IT News, Government Health IT, EHRWatch, and NHINWatch.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36