Intelligent CIO Middle East Issue 70 | Page 76


Unchecked data enters the IT infrastructure through patients and physicians; this data must be recorded and always be accessible for further patient treatment.
How are healthcare IT managers managing compliance requirements – and can they do this more effectively?
Visibility is crucial in healthcare settings – but how can IT teams obtain insight into the movement of patient data?
Internal and external threats can only be detected if sufficient monitoring measures are in place to provide more transparency and automation in the course of data security. External threats are best detected by monitoring data movements between devices. This should be particularly observed in the direction of and to medical devices and IoT devices, as well as the communications between classic end devices and servers.
Glyn Yates, Regional Lead, IMEA, Matrix42
Many IT managers in hospitals assume that most data requiring protection is in the hospital information system (HIS) and is therefore secure. Unfortunately, this is a misconception. Much data is, or must be, exported from the hospital information system, for example, in the course of emergency records which are used to ensure that patient data is accessible even if important services and systems such as the hospital information system are no longer available.
Similarly, many hospitals protect their IT systems only with firewalls and virus scanners. However, since the healthcare sector is currently under heavy attack from hackers, classic protective measures are no longer sufficient.
If a so-called baseline service map is created beforehand based on network communications, lateral movements can be identified, which can show an anomaly or evidence of a hacking attack. Internal threats are prevented by controlling, logging, filtering and encrypting data storage and access.
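The baseline service map idea described above, sketched as an added example (not code from the article or from Matrix42). The device inventory, addresses, flow records and function names are constructed assumptions; a real deployment would feed it flow logs and an asset inventory.

```python
from collections import namedtuple

Flow = namedtuple("Flow", "src dst port")

# Constructed inventory and flow records (illustrative, not from the article).
ROLES = {
    "10.0.1.10": "workstation", "10.0.1.11": "workstation",
    "10.0.2.5": "his-server", "10.0.2.9": "pacs-server",
    "10.0.3.20": "infusion-pump", "10.0.3.21": "patient-monitor",
}
MEDICAL_IOT = {"infusion-pump", "patient-monitor"}

BASELINE = [  # flows recorded during normal operation
    Flow("10.0.1.10", "10.0.2.5", 443),
    Flow("10.0.1.11", "10.0.2.5", 443),
    Flow("10.0.1.11", "10.0.2.9", 104),
    Flow("10.0.3.20", "10.0.2.5", 443),
    Flow("10.0.3.21", "10.0.2.5", 443),
]
OBSERVED = [  # flows from the monitoring window
    Flow("10.0.1.10", "10.0.2.5", 443),   # known edge
    Flow("10.0.1.10", "10.0.1.11", 445),  # workstation to workstation, new
    Flow("10.0.1.10", "10.0.3.20", 23),   # workstation to medical device, new
    Flow("10.0.1.10", "10.0.3.20", 23),   # repeat of the same new edge
    Flow("10.0.9.99", "10.0.2.5", 443),   # source missing from the inventory
]

def build_service_map(flows):
    """Baseline service map: every (src, dst, port) edge seen in normal operation."""
    return {(f.src, f.dst, f.port) for f in flows}

def find_deviations(service_map, flows, roles=ROLES):
    """Return one finding per edge absent from the baseline, high severity first."""
    findings = {}
    for f in flows:
        edge = (f.src, f.dst, f.port)
        if edge in service_map or edge in findings:
            continue  # known edge, or a new edge already reported
        src_role = roles.get(f.src, "unknown")
        dst_role = roles.get(f.dst, "unknown")
        touched = {src_role, dst_role}
        # Edges touching medical/IoT devices or uninventoried hosts rank highest.
        high = "unknown" in touched or bool(touched & MEDICAL_IOT)
        findings[edge] = {"edge": edge, "src_role": src_role,
                          "dst_role": dst_role,
                          "severity": "high" if high else "medium"}
    return sorted(findings.values(), key=lambda x: x["severity"] != "high")
```

A new edge is only a lead for investigation: legitimate changes such as a newly installed device also appear as deviations until the baseline is refreshed.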
Why is access management crucial in healthcare settings and how should IT managers approach this?
Since many IT users in the healthcare sector have administrative rights on the respective end devices, access to applications and interfaces should be particularly protected. Application and interface control