The risks of hackers creating a reign of terror among health care cloud data users was a dominant theme at HIMSS 2015.

These concerns were the high point of the session entitled Data Security Officers: Addressing Risks and Avoiding Crisis from the Trenches. Their advice transcended concerns over any specific vendor's product, as all may be vulnerable to black hat predators.

The high-profile panel included Jody R. Westby, CEO of Global Cyber Risk, LLC; James B. Wieland, Principal at OberlKaler; and Gerry Hinkley, Partner at Pillsbury Winthrop Shaw Pittman LLP. The packed house was given a compelling overview of modern threat scenarios that need constant vigilance on the part of all health IT professionals.

As health care moves into the "cloud" and connectivity becomes increasingly important, these kinds of concerns are exemplified. Open source providers have to reckon with threats like the Heartbleed bug when securing their software. From an investment standpoint, facilities need to be able to leverage the benefits of open source, namely source code, in a safe way.

Several presenters at HIMSS this year set out to address these security problems. Platforms from companies like Sqrrl, GreyCastle Security, Northrop Grumman and Bottomline Healthcare are all looking to curb those threats.

Bottomline, for example, is doing so by offering a non-invasive approach to monitor, replay, and analyze user behavior across multiple systems and applications.

“The Bottomline Healthcare Privacy and Data Security solution proactively deters privacy and security threats. It delivers a critical, next line of defense by giving health care providers a ‘digital surveillance camera’ to monitor user and network activity across systems and applications,” said David Sweet, Executive Vice President, Strategy and Corporate Development of Bottomline Technologies, in a statement.

While reliable technology is a crucial component, the support has to be there to make it work. The Data Security Officers: Addressing Risks and Avoiding Crisis from the Trenches presenters contend that greater involvement from the government — as well as "Centers of Excellence" — are crucial elements in keeping networks secure in the coming years.

They also stressed the importance of Managed Security Services, and that optimal cyber security is never as simple as signing a contract. As one of the presenters observed, Anthem had just such a contract when their attack took place.

As cyber security becomes a larger concern in health care, so too will the demand for meaningful intervention, monitoring, and encryption. It would not be surprising to see the security turnout grow significantly for HIMSS 2016.

Back to HCB News

Health IT Homepage