This page contains a Flash digital edition of a book.
IT RESELLER – NOVEMBER 2011


Data security takes to its sick bed T


his edition of IT Reseller features a number of VAR profiles that take a look under the bonnet of some of the most


recent, state-of-the-art IT projects within the healthcare. I think you’ll agree that they provide a good cross-section of the types of solutions and services that are current in demand for a range of uses within this most mission-critical of sectors. And concerning healthcare sector news from across the Atlantic, I was interested to hear that a number of healthcare and IT experts recently warned the US Congress about security concerns surrounding the increasing use of EHRs (electronic health records).


Data security technology provider, Imperva, recently commented that media reports and research points to a lack of understanding within healthcare organisations as to why EHRs need protecting. Rob Rachwald, Imperva’s


director of security, points out that recent research from PricewaterhouseCoopers found that 64 per cent of staff working with EHR data were unaware of whether or not their firm had suffered a data breach within the last two years. “Perhaps worse, only 58 per cent of healthcare providers and 41 per cent of health insurers reported including appropriate EHR usage as a component of their staff privacy training,” he said.


Rachwald added: “Security training is a big deal as, without training, staff do not know how to properly handle data or, more importantly, how to respect that data.” He went on to say that you wouldn’t give a gun novice a fully-


loaded weapon without instructions, and similarly, you don’t give a medical or healthcare professional a few megabytes of data - and expect it to be properly protected or destroyed. Rachwald stressed that, against this backdrop, it is understandable that recent media reports on the Washington DC lobbying of Congress noted that IT security professionals agreed that, if the public are to trust their healthcare records, their healthcare employers need to develop database security best practices.


These best practices, said Rachwald, are the same basic governance principles that any organisation – and not just those handling healthcare data – needs to develop in order pass muster with the appropriate governance regulations. However, he adds, simply meeting the basic governance regulations is not the end of the story when it comes to organisations handling EHR data, as this simplistic approach is not going to garner the public’s trust. He concluded: “Unless healthcare organisations train their staff – and not just their IT staff – in basic aspects of security, and help them understand the reasons why this security is so essential, data breaches involving EHR and allied data will continue to hit the headlines.”


It’s certainly a no-brainer that a security regime within the healthcare vertical – or any other sector for that matter – needs to be as watertight as possible. Yet concerns remain. VARs can certainly play a major role here; from increasing staff awareness in the form of systems training, through to the implementation of proven and reliable security infrastructures. It’s people in the know that are best positioned to ensure this sector is given a clean bill of health.


Ed Holden Editor »


IT RESELLER – NOVEMBER 2011 3


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52