08 Jan IT Systems for Healthcare: Meeting Your Security and Performance Needs
Just as alluring as a cherry red lollipop can seem to a young child, the extremely sensitive information collected by healthcare organizations is to the cybercriminal world. Social security numbers, patient names, dates of birth, and much more present the “candy” that these attacks are geared at. So, it’s not surprising to see how reports have indicated that in the last two years 53% of healthcare organizations reported data breaches. As was reported in a separate article, this issue is only getting worse for healthcare, especially during this pandemic year.
As these realities are setting in, healthcare organizations must bolster their IT defenses to protect their sensitive information. Nevertheless, with these increased security needs, there must be a balance with the performance of their systems. In order to provide the kind of care patients need and maintain their satisfaction, these systems need to perform at their optimal level. At times it can appear that you cannot have both performance and security. However, that is not the case. Let us outline a few ways that IT operations management (ITOM) and security operations solutions can assist healthcare organizations to balance their systems’ security and performance requirements.
Boost your security with improved visibility
When visibility to your systems is minimal, or lacking altogether, managing your IT security can be exceedingly difficult. With the increase of a variety of threats, including Ransomware, it’s imperative for healthcare systems to better their visibility into how traffic moves across their networks. One option that can help is automated service mapping. This combines a centralized configuration management database with discovery tools that give all IT teams, including security operations and compliance, visibility across the entire network. Another benefit to this type of system-wide visibility is that there is a quicker response to identifying the key cause of business-service issues.
Strike the balance
It can seem quite an undertaking for IT to find a balance between security and system performance, especially when there are organizational silos. Giving more importance to security can at times contest with what is needed to deliver the best clinical and business services. Why is that?
As the IT team begins to equip the system with new security protocols, they are in effect changing the system, which can have a domino effect and eventually impact the clinician experience. To counterbalance these changes, a centralized platform is needed, where everyone can immediately see the business effect of planned changes or outages. When everything is documented and executed on the same platform, it also makes it smoother for IT operations and security teams to quickly identify and resolve system-performance issues before they affect clinicians or business users.
Automate your workflows
When implementing a centralized platform for security and operations, you are also gaining the added benefit of automating important workflows. Having an IT operations management platform can help IT teams improve how they manage their transport layer security (TLS). Since managing TLS certificate expiration dates is often done manually on spreadsheets, it can be easy to miss upcoming certificate expirations. But, with an ITOM platform, this process can be automated. Similar automated workflows can also be created to provide alerts about other software licenses that will soon expire.
An ITOM platform can aid IT in resolving security and performance issues proactively so that clinicians can provide continuous efficient and effective care to patients while using their EHR and other health IT systems. As healthcare industries continue to be on the frontlines of the post-pandemic battles that we still face, providing the optimal clinician and patient experience is essential. But security cannot be overlooked. The overall performance of this industry will be greatly affected by creating a balance between security and system performance. Centralized platforms with complete network visibility will play a major role in supporting these entities by improving the structure of critical business services, reducing costs, and improving reliability.
About the author: Wilfredo Vera Pujols, CISA, CDPSE
A skilled consultant in the areas of Internal Audits and Compliance, Vera holds a BBA in Information Services from the University of Puerto Rico Mayaguez and a Master’s in Computer Sciences from the illustrious Polytechnic University of Puerto Rico. He has used his excellent preparation in the last 3 years of his specialty in Auditing and Consulting, Internal Controls, and SOX for our diverse clientele. Among some of his major clients are Evertec, Triple S of Puerto Rico, and Banco Popular, to name a few. We are sure that this ISACA member, along with the expertise of FPV & Galíndez’s skilled Consulting Department will provide strategic solutions for any IT and Cybersecurity needs your organization may have.