Five holes in your organization's IT security structure

By Nancy McCallum
04:05 PM

Total security in an IT infrastructure is ideal, but it's not always the reality. According to Jerry Buchanan, Program Manager and Scrum Master at eMids Technologies, Inc., an IT and BPO consulting company, a 2009 study by the Ponemon Institute revealed that 80 percent of healthcare IT departments surveyed reported breaches.

Here's a list of where those breaches are most frequently found, according to the Ponemon Institute's report.

1. Applications without integrated, privileged-based accessibility

Multiple applications that have their own individual access procedures increase the risk of security gaps. Using a system such as Microsoft Active Directory can remedy that.

2. Lack of log-in monitoring systems

Security is increased by installing systems that detect unauthorized intrusions.

3. Unfiltered content

Security can be enhanced when all outbound and inbound network traffic about patient health information is comprehensively filtered.

4. Data exchange without encryption and obfuscation

Confidential and sensitive patient information needs to be appropriately encrypted, changed or deleted when it is exchanged with outside parties.

5. No backup/recovery system in place

When it comes to security, IT structures don’t always have an adequate backup plan – one that is also secure – in the event data is lost.

Source: Electronic Health Information at Risk: A Study of IT Practitioners, Ponemon Institute, October 15, 2009