It used to be that healthcare organizations large and small had to worry about doctor and patient relationships and providing better bedside manners and expectations. We are past those days, and healthcare is now a growing, fiercely competitive service with many options for both providers and individuals. But what needs to be incorporated into this mix is ensuring that the systems that now play a critical role in these environments, from nurse’s stations to doctor’s tablets, are well managed. As much as the clinicians themselves need to adhere to the ‘do no harm’ oath, so do these systems, and that only comes from ensuring that security and system management are maintained and up-to-date.
The unfortunate part is that anyone who uses a computer, relies on email, or utilizes the web for personal or business activities is susceptible to opportunistic criminal activity. Malware is an everyday occurrence, but for busy healthcare providers, the additional overhead of ensuring that their anti-malware is up-to-date can easily become forgotten. There are so many other aspects to protecting patient records that need to be addressed for HIPAA, but malware protection is fundamental and needs to become a priority. Malware is not only a security issue in general, but when a system incurs a long window of time between updates, it will also introduce unnecessary risk.
For healthcare providers who are tasked by the HITECH Act to instill the value of preventing curable diseases and accountable care, they understand this concept. Still, they sometimes do not have the bandwidth to address it. The result is that many systems in healthcare are still highly susceptible to common and preventable malware attacks, and this can result in systems not performing to their best ability. This could compromise patient care if a system is infected, in addition to compromising patient and medical records.
As I wrote earlier in 2013 wishes for healthcare, no size or type of organization is immune from possible fines if found negligent in providing safety for patient records. McAfee provides security services that can help manage the protection of your systems and email through a SaaS (Software as a Service) model that can provide relief from doing this yourself, and you can learn more here.
I’d rather see clinical practices focus on their services, leverage digitized health systems, and look for business partners that also focus on their core competency. McAfee can provide the expertise with our remote security management to address preventable malware and provide the diligence to stay ahead of the 100,000 malware variants that McAfee Labs finds on a daily basis.