Security News

Protecting Health IT Infrastructure with Government Resources

Government provided cybersecurity resources aim to ensure organizations are fully protecting their health IT infrastructure.

By Elizabeth O'Dowd

Electronic health data is never fully protected and with the growth of health IT infrastructure, data is more susceptible to cyber attacks. Cybersecurity is a large part of any network, cloud, or wireless infrastructure and is necessary for all deployments. Networks need to be protected against malicious attacks and service failure to keep protected health data safe, and quickly resume normal activity after an outage.

Protecting health IT infrastructure.

Several government organizations have resources readily available for healthcare institutions. According to the Department of Health and Human Services (HHS), these resources are needed to mitigate cyber threats and strengthen cybersecurity in the HPH sector in order to address potential vulnerabilities. HHS provides a checklist that “outlines several hardware, software and educational items organizations should consider and implement to protect their digital infrastructure.”

Implementing security protocols for hardware is the first step in ensuring an organization’s infrastructure is protected. Never leave devices with network access out in the open and lock up any company devices at the end of the night. Lost or stolen devices need to be reported immediately, and special permissions must be granted for data transfer off of a device via USB or disk.

If an employee leaves an organization or is given a new devices, wiping all user data off the device ensures another user won’t come across it. Deactivating old user accounts for former employees safeguards against unauthorized users gaining access.

  • Intraoperative Imaging Becomes Vital HIT Infrastructure Tool
  • DRaaS, Storage Among Top Growing Health IT Cloud Adoptions
  • Kubernetes Supports Container Management for HIT Infrastructure
  • National HIE Connection and App Store in ONC Plans for 2016
  • Protecting Health IT Infrastructure with Government Resources
  • US Hospitals Increasingly Adopt Radiology 3D Image/Display Tech
  • Overcoming Healthcare Hybrid Cloud Storage Challenges
  • Healthcare IoT Sensor Solution Remotely Collects Wearable Data
  • Remote Monitoring, Operations Drive Healthcare IoT Adoption
  • Potential for Virtual Mobile Infrastructure in Healthcare
  • How Open Source, Crowdsourcing Aids HIT Development
  • Providers Demand Interoperability, Security from PACS Vendors
  • Institutional Investors to Pump $200B More Into Healthcare Infrastructure
  • New Service Could Help Hospitals with Wireless Networking Strain
  • Healthcare Cloud Security Relies on Infrastructure Visibility
  • How Healthcare Low Code App Development Increases Flexibility
  • Asset Tracking Solutions Save Providers Time and Money
  • Health IT Infrastructure Investment Key to NHS Long-Term Plan
  • OpenEye Adopts SD-WAN Solution for Improved SaaS Connection
  • Deloitte Sees Promising Future for Healthcare Blockchain
  • Data Migration Supports Future-Proof Health IT Infrastructure
  • NIST Guide Focuses on Healthcare Wireless Network Security
  • Cloud Information Management Systems Aid HIT Infrastructure
  • Visibility, Automation Defend Against Network Security Threats
  • Wireless Broadband Improvements Key to Rural Telehealth
  • Lower Costs a Promising Sign for Private Healthcare Cloud?
  • Staffing Top Challenge in SIEM HIT Infrastructure Adoption
  • Identity Governance and Admin Protects HIT Infrastructure
  • Healthcare API Management Solutions Grow with Interoperability
  • EU Data Privacy Rule GDPR Impacts US Health IT Infrastructure
  • Gustave Roussy Institut, Embleema Team on Healthcare Blockchain
  • IDBS Releases Latest Cloud-Based Research Platform for Health IT
  • Mobile Device Integration: Are Tablets a Dying Breed?
  • Microsoft, Red Hat Improve Container Adoption for Healthcare
  • DB Networks Launches Artificial Intelligence-Based DAM Solution
  • Healthcare Artificial Intelligence Market to Reach $20B in 2024
  • Pure Storage, Cisco to Improve Infrastructure Data Storage
  • Why the Difference Between MDM, EMM Matters in Health IT
  • Cloud, Mobile Strategies Critical to HIT Infrastructure Growth
  • Health IT Infrastructure Integration Systems Expected to Rise
  • Comparing Public, Private, Hybrid Healthcare Cloud Storage
  • Oracle, Ivanti Announce New Data Integration Cloud Services
  • APIs Are the “Missing Piece” for Healthcare App Interoperability  
  • IT More Upbeat Than Clinicians About Healthcare Interoperability
  • Solutions to Guest Healthcare Wireless Network Challenges
  • Upgrading Health IT Infrastructure Top Challenge for Healthcare
  • HIT Infrastructure Security Upgrades Needed Against Botnet Attacks
  • Network Segregation Is Best Way to Thwart Ransomware Attacks
  • Planning, Testing Lead to Successful HIT Backup and Disaster Recovery
  • Open Source Tools Provide Control Over HIT Multi-Cloud Environments
  • Data Science Orgs Form GPU Initiative for Data Analytics
  • Health Network Security Challenges of Wireless Deployment
  • Data Virtualization Assists HIT Infrastructure File Sharing
  • Big Data Analytics Solutions Significant to Health IT
  • ONC Proposes Certification Criteria for Developers of Healthcare APIs
  • Health IT Infrastructure Obstacles Stall EHR Interoperability
  • Ochsner, Pfizer to Boost Healthcare Interoperability for Clinical Trials
  • ONC Chief Likely to Become Assistant Secretary for Health
  • How to Support a Full Healthcare Application Lifecycle
  • Healthcare Network Management Brings Visibility, Control to Orgs
  • Healthcare Wireless Networks Support Health IT Initiatives
  • Added Technology Expands Telemedicine at Children’s Mercy
  • Senate Committee Spotlights Patient-Generated Health Data
  • CEO Judy Faulkner Airs Epic’s Views on EHR Interoperability
  • More Health Orgs Using Surescripts Health Data Exchange Service
  • Outdated Health IT Infrastructure Attracts Hackers to Hospitals
  • Applying Healthcare Blockchain to HIT Infrastructure
  • DoD Restructures Management of Medical Treatment Facilities
  • Ruckus, TrackR Release Wi-Fi IoT Device Tracking Solution
  • Major Vendors Form IoT Cybersecurity Alliance
  • HL7 Calls for Further Build-out of Interoperability Infrastructure
  • Connected Medical Devices Need Current HIT Infrastructure Security
  • Open Source Health IT App Development Cuts Back Costs
  • Trend Micro Adds Mobile Security, Device Monitoring Tools
  • New FHIR App Developments Support Health Data Search on EHRs
  • Protecting Health IT infrastructure from DDoS Attacks
  • Tape Storage Advancements Aid HIT Infrastructure Data Demands
  • Mobile Health Tool Adoption Supports Population Health
  • Blue Cedar Releases Enterprise Mobility Management Alternative
  • FDA Grants Breakthrough Device Status to Healthcare AI Software
  • Poorly Designed EHR Systems Are Major Cause of Physician Burnout
  • Using Virtual Machines to Advance Health IT Infrastructure
  • New Healthcare Technology from Tech Firms Could Solve Problems
  • HIT Push Adds Pressure for Proper Interoperability Systems
  • Avanade, Citrix Integrate Microsoft Azure and VDI Environments
  • 5 Essential Steps for Healthcare Cloud Data Migration
  • Aruba Networks Deploys Mobile-First HIT Network Infrastructure
  • Red Hat Releases Healthcare Mobile App Assessment Tool
  • Important Health IT Infrastructure Building Considerations
  • Cloud Foundry Aims to Solve Healthcare Developer Shortage
  • Staff Experience, Standards Impact Healthcare Blockchain Adoption
  • IoT Sensors Critical to Successful Health IT Infrastructure
  • Value-Based Care Drives Demand for Health IT Consulting
  • Noninvasive Healthcare Tools Support Value-Based Care
  • Artificial Intelligence Uses EHRs as Smart Analytics Tools
  • WiGig Solutions to Expand Bandwidth of Healthcare Networks
  • Navigating the Benefits, Challenges of Healthcare Hybrid Cloud
  • VMware, AWS Announce HIPAA-Eligible Hybrid Cloud
  • Health IT Infrastructure Embraces Flash-Based Array
  • AWS Expands Healthcare Internet of Things Capabilities
  • Protecting software is the next step in preventing protected health data from getting into the wrong hands. If a hacker does gain access to the network, encrypting the data protects it from being compromised. Instead of giving employees access to the entire data center, limiting access only to the programs, applications, and data each employee uses regularly will limit the amount of user vulnerabilities.

    Regularly scheduled software audits and anti virus scans alert IT if any unauthorized software applications were installed without the user’s knowledge. Network firewalls and secure VPN connections protect data from outside access.

    The HHS checklist stresses the importance of EHRs and advises organizations to “configure any EHR system or database to require specific access permissions for each user; inquire with the EHR vendor to determine how they provide updates and technical support.”

    Educating users and establishing a policies for disaster recovery and the dangers of vulnerable data prevents user error attacks. Conducting information sessions about phishing, spyware and informing them of the laws surrounding healthcare data can go a long way in preventing careless mistakes.

    Many users don’t realize that accessing the network from a public Wi-Fi hotspot or not changing their passwords often enough can leave the door open for hackers.

    Other government programs can assist further in making sure an organization's health IT infrastructure is secure. The Computer Emergency Readiness Team conducts a no-cost assessment to “evaluate an organization’s operational resilience and cybersecurity practices.”

    The Department of Homeland Security offers the Enhanced Cybersecurity Services (ECS) program which is a voluntary information sharing program. It “assists critical infrastructure owners and operators to improve protection of their systems from unauthorized access, exploitation, or data exfiltration.” The ECS shares government cybersecurity information with qualified commercial service providers in order to improve security. Healthcare organizations participating in this program get the benefit of security evaluations, and use of the data collected to improve internal operations.

    Programs like these are not mandatory for healthcare organizations, but they can be useful to smaller practices with small IT departments. Not all practices are aware of how to conduct evaluations, leaving their networks vulnerable in some areas. These resources aim to serve organizations of all sizes and can bring to light areas where health IT infrastructure needs to be improved.  

    Dig Deeper:


    Sign up for our free newsletter covering the latest IT technology for Hospitals:

    Our privacy policy

    no, thanks

    Continue to site...