Resources for Health Insurance Portability and Accountability Act (HIPAA)

Clinical IT leads to security neglect at hospitals

www.fiercehealthit.com

This week's piece from Network World points to a troubling problem--that hospitals are in crosshairs these days when it comes to cyberattacks and other forms of black-hat hacking. Given the growing number of well-publicized security breaches over the last year alone, you'd think that IT leaders would have no trouble getting the bucks they need to boost security protections. You'd think wrong.

With hospital leaders outside the IT suite under tremendous pressure to improve the quality of care--and document that they've done so--clinical data is a priority for most. But along the way, HIT executives are becoming increasingly concerned that their data protection efforts are inadequate.

Now, I'm not suggesting that there's anything wrong with wanting to improve care. But as I've said before, it seems to me that adding big-ticket, shiny clinical solutions without securing the network isn't smart. I know it's a balancing act, but it seems pretty clear that at this point, the balance isn't weighed enough in favor of robust security.

Now, with HHS doing surprise audits of hospitals' HIPAA compliance, some non-IT hospital leaders may get a rude shock when it comes to their security infrastructure. Some CEOs who had no idea that their networks were vulnerable are going to flunk the inspection.

View the Resource

Share or bookmarklet this web page at: