enterprisesecuritymag

Maintaining A High Level Of Security And Privacy

By Ken Resmini, Chief Compliance and Internal Audit Officer, Memorial Healthcare System

Ken Resmini, Chief Compliance and Internal Audit Officer, Memorial Healthcare System

Emerging challenges in compliance
The big challenge in technology in the healthcare arena is maintaining a high level of security and privacy with the large number of systems we use. It is not uncommon, particularly in large health systems, to have hundreds of systems in use, all constantly changing and new vulnerabilities developing with each change. Additionally, many of the medical devices used at the bedside, e.g., infusion pumps, bedside monitors, etc., are sophisticated systems that store, process or transmit Electronic Protected Health Information often wirelessly.

"Big challenge in technology in the healthcare arena is maintaining a high level of security and privacy with the large number of systems we use"

To help keep a grip on these challenges, we use an international risk and advisory services fi rm to continuously test our systems. They perform penetration tests, vulnerability scans, access assessments, sensitive data reviews, mobile device reviews and many other tests to identify weaknesses before they can be compromised. We then work with our IT department and their vendors to ensure that timely changes can be made and risk mitigation controls are implemented. That critical link is in Memorial’s philosophy that we are a team positioned to deliver smarter healthcare.

Weekly Brief