How IT security experts handle healthcare network access

[InfoSec News <alerts () infosecnews org>]

http://healthitsecurity.com/2014/05/27/how-it-security-experts-handle-healthcare-network-access/

By Patrick Ouellette
Health IT Security
May 27, 2014

Healthcare network security has become more complicated over the years 
because of the explosion of mobile device connectivity. And because it’s 
so difficult for healthcare organizations to have a firm grasp on where 
their perimeters begin and end, they must look for new ways to ensure 
networks are secure both internally and externally.

Panelists who took part in a talk titled “Data Security in the Cloud: 
Leveraging the Low-Cost Advantages while Managing Risk” at the recent iHT2 
conference in Boston discussed how they perceive healthcare network 
security and access controls. John Meyers, PhD, Assistant Professor of 
Medicine and Director of Technology, Department of Medicine, Boston 
University Medical Center, sparked the talk by explaining how there’s 
occasionally there’s going to be some protected health (PHI) out there 
that shouldn’t be. But if an organization limits the number of users who 
have access to the data, it can help mitigate those risks.

David Reis, PhD, CISO, VP of IT Governance, PMO and Security at Lahey 
Health explained how Lahey essentially stopped trusting its inside network 
two years ago in the same way it doesn’t trust everyone externally. When 
asked what this change in trust measures meant, Reis said there were a few 
different considerations involved, starting with no longer trusting 
internal users.

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/