Work flow key to healthcare IT security
By Nicole Kobie,
The key to better healthcare IT security is making it easy to use, according to the heads of healthcare access management firm Sentillion.
As healthcare foundations and trusts invest more and more money in technology, security has moved to the forefront - as protecting patient data and privacy isn't just important, but regulated by law.
But increasing security means productivity is taking a hit, according to Paul Roscoe, president of Sentillion. "It's a balance between security and productivity," he said. "You need to balance and have both."
For security reasons, user authentication is required for any application with patient data, meaning many clinicians have to enter user names and passwords multiple times throughout their day - frustrating work flow for busy clinicians who may start to take shortcuts. "Human nature says it's easier to keep it logged in and use the same credentials," said Paul Malcolm, Sentillion's UK managing director. "We're trying to say that's a security breach."
One method to streamline the process is to create a single sign on, so staff members need just one user name and password to access multiple applications. Moving to such a system saved one Sentillion customer 70 seconds each login. A stopwatch study showed that before the implementation, signing in took 81 seconds on average, because staff had to enter passcodes for multiple, unrelated best of breed systems. After moving to a single username and password, it took just 10 seconds.
Signing off is just as important. "The trouble with hospitals is they're not like being in an enterprise or a bank, as the terminals are often publicly accessible," said Malcolm. Because of this, ensuring public terminals don't stay logged on after staff have walked away is important to protect privacy.
Such is the benefit of automatic timeouts, but other tools such as proximity cards can help automate the process, too. With a proximity card, a clinician is automatically signed out when they step away from a terminal.
While fingerprinting, smart cards, secure ID tokens, and proximity devices all help, it's ultimately still up to staff to actually use them, warns Roscoe. "The way you authenticate yourself doesn't really matter, a password is just as good as anything else," he said.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- Hutchison denies it will pull plug on Three UK
- EMC World 2012: Tucci declares Documentum is here to stay
- ICO: Fines for cookie law breakers
- EMC World 2012: EMC talks up cloud, security and big data
- Dell PowerEdge R820 review
- Sony Vaio T13 Ultrabook review: First look
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
- Facebook floatation marred by Nasdaq glitch
- CIO: Career is over?
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
