Martin Littmann, director IT systems, uses the software as a solution (SaaS) ProofPoint (Sunnyvale, Calif.) at Kelsey Seybold Clinic in Houston, Texas, a 20-location community-based physician group, as a part of his organization's email security strategy. “I could recall in years past there would be days when I'd get two or three calls from executives saying, ‘Hey, I'm getting this SPAM; I never got this kind of stuff before,’” Littman says. “But I don't have those types of events happen at all anymore.”
Littman notes that organizations can't actually quantify the cost savings of preventing a security breach. “You only have to look at the press of the [organizations] who have had breaches or events that occurred like email or networking disclosures and see what it has cost them to deal with that-not just in terms of a real mitigation standpoint, but in terms of loss of reputation,” he says. “That is the real cost associated with it.”
CLOUD COUNTERPOINT
A survey by Apptio, a Seattle, Wash.-based provider of on-demand technology business management solutions, and the Scottsdale, Ariz.-based research firm Worldwide Executive Council, found that IT decision makers didn't have the necessary metrics to build intelligent business cases for moving applications and infrastructure components to the cloud. Case in point, Matt Green, director of information systems at Methodist Healthcare, a seven-hospital system based in Memphis, Tenn., feels cloud-based email is not the best solution for his organization right now. “At this point in time from our research, there are not a whole lot of healthcare organizations using cloud-based solutions, so I think it's going to take some time before those solutions are ready for a regulated environment like healthcare,” he adds. His organization is, however, using the London-based SaaS email management company Mimecast for email archival and disaster recovery.
With the new developments in the cloud space, McMillan, who is also CEO of the Austin-based CynergisTek, has his concerns about security. He explains that that some cloud vendors sell bandwidth by buying space in several different servers, relying on the security of spreading out the data so much that attackers won't be able to find it as easily. Other services disperse data in the same data center, which allows for more control over the security of that data, McMillan says. He cautions organizations to make sure to ask how the vendor manages data and to question any other business associate that handles PHI on how and where data are stored.
Lee Barrett, president of the Farmington, Conn.-based Electronic Healthcare Network Accreditation Commission (EHNAC), says it's not a technology issue to provide for secure messaging, which has been a mainstay of other industries, like banking, for years. It's the disparate implementations, which can lead to breaches that Barrett cites as healthcare's main problem. “It comes down to making sure we have a level of standardization,” Barrett says. “That's where an organization like an EHNAC comes into play to ensure a third-party review, so we're getting some consistency.”
SECURE MOBILE MESSAGING
Amazing strides are being made in the mobile secure messaging space. McMillan is excited about a product that will be launched later this year that will offer encrypted mail on clinicians' mobile devices. “It's going to be a complete game-changer,” he says. To send an encrypted message via the mobile device, the user will only need to authenticate once, he says, and then the product will recognize the same user for subsequent emails. McMillan adds that there's no risk to information because the email won't live on the device, only through the encrypted connection. After the user connects with another customer, their device recognizes the other for all subsequent messages, so no re-authentication needs to take place.
WHAT JEFF HAS DONE IS SAY THAT DOCTORS ARE A CERTAIN GROUP THAT HAS A UNIQUE NEED FOR A PRODUCT FOR THAT PROFESSION. -GREG WALTON
- Show full page
- Login or register to post comments
- Printer-friendly version
