Work flow key to healthcare IT security
User authentication is necessary to ensure patient data and privacy, but it can no longer be allowed to interrupt work flow, according to Sentillion.
The key to better healthcare IT security is making it easy to use, according to the heads of healthcare access management firm Sentillion.
As healthcare foundations and trusts invest more and more money in technology, security has moved to the forefront - as protecting patient data and privacy isn't just important, but regulated by law.
But increasing security means productivity is taking a hit, according to Paul Roscoe, president of Sentillion. "It's a balance between security and productivity," he said. "You need to balance and have both."
For security reasons, user authentication is required for any application with patient data, meaning many clinicians have to enter user names and passwords multiple times throughout their day - frustrating work flow for busy clinicians who may start to take shortcuts. "Human nature says it's easier to keep it logged in and use the same credentials," said Paul Malcolm, Sentillion's UK managing director. "We're trying to say that's a security breach."
One method to streamline the process is to create a single sign on, so staff members need just one user name and password to access multiple applications. Moving to such a system saved one Sentillion customer 70 seconds each login. A stopwatch study showed that before the implementation, signing in took 81 seconds on average, because staff had to enter passcodes for multiple, unrelated best of breed systems. After moving to a single username and password, it took just 10 seconds.
Signing off is just as important. "The trouble with hospitals is they're not like being in an enterprise or a bank, as the terminals are often publicly accessible," said Malcolm. Because of this, ensuring public terminals don't stay logged on after staff have walked away is important to protect privacy.
Such is the benefit of automatic timeouts, but other tools such as proximity cards can help automate the process, too. With a proximity card, a clinician is automatically signed out when they step away from a terminal.
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Security best practices for PostgreSQL
Securing data with PostgreSQLDownload now
Transform your MSP business into a money-making machine
Benefits and challenges of a recurring revenue modelDownload now
The care and feeding of cloud
How to support cloud infrastructure post-migrationWatch now