The Obama Administration's push towards electronic exchange of health information is putting the spotlight on the security of health information held by hospitals, physicians and other healthcare providers.
Concern about data breaches led Maimonides Medical Center to be among the first customers of a new security consulting service from Verizon called Connected Health Care Solutions.
Verizon has formed a practice group to provide consulting services to hospitals, medical providers, insurance companies, and pharmaceutical and life science firms that need to safeguard electronic medical records.
The new group offers assessments of healthcare providers' practices and their ability to meet security guidelines such as the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI-DSS) and the Common Security Framework developed by the Health Information Trust Alliance (HITRUST).
Brooklyn-based Maimonides hired Verizon to audit its security practices.
"We wanted an outside, objective view of what we were doing internally," says Walter Fahey, vice president and CIO of Maimonides. "We just completed putting in a significant amount of wireless equipment in a new facility that we built, and we wanted to validate what our implementation team had done and ensure that it met all the integrity standards of the network infrastructure that we have provided here for years."
Fahey says Verizon Business found a few minor vulnerabilities during the review, and that Maimonides was able to fix them quickly. Maimonides not only hosts patient data for its physicians and operates its own network, but it also hosts applications for the Brooklyn Health Information Exchange (BHIX), a consortium of 10 regional healthcare providers that share electronic medical records with each other.
"We need to make sure that all of our transactions are secure," Fahey explained. "It's a little extra burden of ensuring that not only are we compliant, but that the data was all coming through the VPN and that we provide the right security to the other participants in BHIX."
A long-time Verizon customer, Maimonides runs its network over a Verizon Dense Wavelength Division Multiplexing (DWDM) ring. The hospital is standardized on Cisco networking gear and IBM computers.
Fahey says Maimonides has not had a security breach, "and I don't want any." That's why he's contracted with Verizon's new consulting group to do security audits twice a year.
Verizon has "a lot of advanced tool sets that they do diagnostics with. They walk the facilities, and they check everything, so it gives you a better comfort level that you've passed an external audit," Fahey says.