Patient data at the University of Southern California's (USC) Keck Medicine in Los Angeles is stored under lock and key, where cybersecurity is never compromised, according to a recent news story from the university.
“We have an iron dome over the USC system,” CIO Joshua Lee said in a news release statement. Patient data is stored off-site through Cerner. This physical storage facility is secured, say USC officials, but a separate data security firm and USC staff members also protect electronic data through other measures, which include a security operations center in which electronic information is monitored around-the-clock by security professionals looking for abnormal computer traffic, malware and network intrusions.
“Security has to be multidimensional,” Lee said. “We create multiple layers to frustrate a potential attacker.” Stored patient data may include clinical records, medication, length of stay and billing records. Should an unauthorized data breach still occur, patients would be immediately notified, as would state and federal officials, say university officials.
The storage system also uses various authentication measures to prevent breaches, including the requisite that users gain access into the system through strong passwords that can’t be easily deciphered by hackers. Keck staff members say they are also looking at two-factor authentication, which might require a thumbprint, a retina scan or an electronic token that rotates to a new code every 30 seconds.
According to the Identity Theft Resource Center, last year saw 287 breaches and more than 7.7 million records compromised in the medical and healthcare industry alone; healthcare breaches have made up more than 10 percent of the year’s attacks. Recent specific attacks to health insurer Anthem and provider Community Health Systems have caught the attention of the industry, though security risks are still of great concern to healthcare organizations.