Let’s face it—doctors are not the most technical people in the world. If doctors are using mobile phones to access hospital networks and transfer patient data, they need to sign on the network easily, quickly and more importantly, securely. Policies need to already be established and available at any moment.
Hospital technology needs to support various employee devices. As mentioned in a WSJ article, doctors are using both iPhone and BlackBerry devices for work. Solutions ought to be universal, and support various devices and operating systems to enable full remote network access. Using a device that is not compliant with the network puts information at risk for being breached.
Role specific restriction polices for document and file access is another policy that should be in place for hospitals. Not all employees need the same access to items on the network—doctors need access to patient files, not the front desk. Establishing such will strengthen the network’s security and decrease the traffic to private information.
NAC should be applied to hospital networks to provide an extra layer of security. With numerous devices and people, including, doctors, visiting nurses, hospice divisions, paramedic units, front desk personnel, etc accessing the network, each device needs to be ‘pat down’ before granting access. It is important to check that security software is up-to-date, correct encryption settings are in place and firewall settings are enabled.
WSJ writers, Niraj Sheth and Yukari Iwatani Kane report that doctors and staff are using mobiles to connect with remote paramedic units to instantly access on-scene accident information and patients’ records to expedite care. As mobile usage among doctors increase, security has become a major concern for the industry and patients because of HIPAA regulations and risks for breaches. While security is certainly a legitimate concern, hospitals and IT administrators also need to reconsider remote access policies to make certain devices are compliant before accessing the network.
IT administrators need a comprehensive system to ensure their doctors have adequate access to the network quickly and efficiently, while also remaining secure and reliable. Each of these factors are particularly important for hospital personnel because they are in urgent settings. IT administrators need to rethink their remote access policies and make sure they fit their current needs, and not depend on their existing infrastructure for fulfilling these needs.