THE MEMEO BLOG

Mobile file sharing monitoring still lacking in healthcare

Oct 21, 2014

2014-10-21 Medical.jpgOrganizations across all industries are collecting more information than ever before in order to leverage it for effective changes and improvements in overall service. This effort can be easily seen in the healthcare sector as doctors and nurses utilize essential data to improve their practices. But, they must protect patient files from being compromised. The vector is covered under the Health Insurance Portability and Accountability Act, which mandates that all sensitive documents must be held under a strict set of guidelines. While these regulations are meant to protect critical files, meeting each element can be a challenge. As threats to healthcare security become more sophisticated, it will be important to ensure that staff are provided with a secure file sharing program.

The healthcare industry has a substantial amount of sensitive information, including financial records and Social Security numbers. This puts a large target on the sector for potential malware and other attacks. According to a study by the Ponemon Institute, half of organizations were unsure about the security of employee hardware despite the fact that 88 percent of them allowed staff to use their personal devices for work purposes, Health IT Security reported. To make matters worse, less than a quarter of organizations deployed the necessary protections prior to when the device connected to the network. These practices leave substantial vulnerabilities open for viruses to breach confidential information as well as infect essential healthcare equipment. However, by sharing business files over a secure platform, the risks will be mitigated.

“[P]roviders should avoid on-device data storage,” Health IT Security stated. “Virtualization can both segregate business and personal data on a device, and keep sensitive information like PHI from being stored on the device at all.”

Making mobile efforts work for healthcare
The medical sector has changed drastically in only a short period of time, and many facilities are integrating mobile efforts into their everyday processes. This is a substantial jump from the outright fear and banishment of similar devices just a few years ago. However, despite this improvement, there are still some organizations that are slow to adapt to mobilization. According to a white paper from the Spyglass Consulting Group, although more than two-thirds of hospitals reported that their nurses are using their personal hardware for work, 91 percent of these firms don’t have the means to monitor usage or ensure that employees are leveraging security best practices. This type of activity can lead to substantial compromises and lost data, resulting in significant fines and consequences associated with breaching HIPAA compliance. By incorporating mobile access control, organizations can grant certain abilities to sensitive information to prevent unauthorized parties from accessing the file.

“They don’t want to have to use two apps, they want one, and the prevailing attitude is that unsecured SMS is just fine,” Spyglass managing director Gregg Malkary said. “They know it’s a violation, but it’s more fluid, they know everyone else’s smartphone number, and they can coordinate care. They’re leveraging consumer grade tools to facilitate closed loop communication, and to support multidisciplinary care. Unfortunately, it’s outside the firewall.”


Tags:
Category: Data Security

Archive