Thursday, August 13, 2015
Doogie Howser's trusty IBM computer proved a handy tool for recording the life lessons he learned from his patients. However, his penchant for storing sensitive patient information on a personal computer would not fly in today's climate of heightened health care security and would likely put his current employer in serious hot water. University of California Health, which currently operates four hospitals on the UCLA campus, is currently facing that kind of heat in the form of legal ramifications for a major security failure that occurred in late July.
The breach, which resulted in the theft of extremely sensitive information, could have impacted as many as 4.5 million patients, according to SC Magazine. As a result, The Regents of the University of California, UCLA Health System and UCLA Medical Sciences are facing a class-action lawsuit filed by McCuneWright, LLP.
"Hospital IT staff should prioritize identifying the network's security holes.".
The complaint alleges that UCLA was aware that patient names, birthdays health plan information and social security numbers were vulnerable to attack, based on a previous breach of the health network and the recent epidemic of security breaches across the health industry. Furthermore, the suit alleges that University of California Health was negligent in the time it took to inform patients that their private data had been compromised, considering the university first became aware of suspicious activity as far back as 2014.
If the precocious MS-DOS musings of a child-prodigy doctor have anything to teach us, it's that honesty and transparency are critical in the health care industry. That's why it's so important that hospital IT staff prioritize identifying potential security holes in the facility network and administer a remedy as soon as possible.
Prescribe infrastructure improvements to secure patient data
Health care organizations must collect, store and analyze more data than ever before. Without the eidetic memory of adolescent physician who is also dealing with the problems of a normal teenager, this task must be accomplished with a secure, reliable network. Information from patient monitoring devices and other diagnostic equipment is constantly populating, so hospital IT teams must streamline data flow in in an organized, intentional fashion.
Interfacing with this data as a single resource is an absolute necessity, and the demands of the health care industry make it even more important that the network can be accessed and modified remotely. Special effort must be taken to ensure that this data remains protected, even if records are being accessed from off site. After all, security failures cost U.S. hospital as much as $1.6 billion each year, according to Healthcare IT News. Connecting serial console servers equipped with heavy encryption and data compliance features directly to local system ports is just one example of how high-performance infrastructure can help to tighten a hospital's digital perimeter.
Data breaches in the health care industry carry a heavy price.
Network antidotes help to cure physical security symptoms as well
A hospital's network does more than protect the network from digital breaches. Improving the flow of data across and between hospital campuses can help to strengthen physical security as well. This aspect of data compliance overlooked as often as Doogie Howser's lack of emotional maturity, but hospital IT would be remiss to ignore threats to the network that are based in the physical world.
For example, the functionality of IP security cameras can be improved by utilizing fiber media converters. Powering equipment through a UTP cable and PoE media converter setup makes it substantially easier to operate cameras from tactical but hard to reach locations. Acting both as an extra deterrent against physical breaches and a means of pinpointing when and where suspicious activity occurs, connecting IP cameras to the network in this way also allows for easy compiling of security footage. Security camera upgrades can help a hospital meet physical security compliance requirements as well.
Improved network infrastructure can even help control entry and exit of rooms containing secure patient data. Multiple key-card access points can be monitored and controlled as a single system by wiring multiple doorways through a connected stack of media converters. In addition to protecting confidential patient files, hospital IT teams have near limitless opportunities to cut operating costs and limit network downtime by implementing these network improvements. With class-action lawsuits lying in wait for health care organizations that fail to secure their data, it makes perfect sense to learn from Dr. Howser's mistakes.
Perle's wide range of 1 to 48 port Perle Console Servers provide data center managers and network administrators with secure remote management of any device with a serial console port. Plus, they are the only truly fault tolerant Console Servers on the market with the advanced security functionality needed to easily perform secure remote data center management and out-of-band management of IT assets from anywhere in the world.