used with permission from Tektonika (HP)
by Megan Williams
Your competitors are ready to invest in modern IT infrastructure, so now is the right time to start lobbying your higher-ups for a network upgrade. The proof? According to Damon Consulting’s third annual Healthcare IT Demand Survey, infrastructure upgrades have ranked with AI and big data analytics as top spending priorities in recent years. So what does this mean for IT leaders?
It translates to a strong business case for any network upgrade you might have on your own wishlist. If you’re still not convinced, here are four signs that you need to catch up with digitizing healthcare and leave behind yesterday’s network standards.
1. HIPAA haunts your nightmares
HIPAA’s been around forever, at least in tech years, so it can take a disaster or an impending one to get people’s attention. If you’ve been subconsciously tuning out HIPAA breaches and penalties lately, it may be because you subconsciously worry that a HIPAA disaster is just one breach or ransomware attack away—and it probably is. Alternatively, you may be acutely in tune with the threats at hand but feel powerless to act in the face of sweeping, high-stakes legislation.
Negligence around HIPAA standards has been a threat to hospitals’ bottom lines for a while now (even from the patient side), so if you haven’t sat down with the Security Rule recently, now might be a good time. Pay special attention to the Security Rule Assessment Tool, and when you’re considering vendors for your upgrades, make sure you’re working with partners who understand the intricacies of the healthcare industry and the multi-faceted threats it faces.
That said, it’s always a good idea to aim higher than the bar that HIPAA sets and use it as a baseline for developing network security practices that align with your organization’s mission and community needs.
2. You haven’t thought about the IoT
It’s easy to write off the Internet of Things (IoT) as a buzzword, but that doesn’t mean it’s not having a serious effect on healthcare networks.
When you hear IoT, you may be thinking of cutting edge tech like connected contact lenses or something consumer-oriented like an Apple Watch, but chances are good that you’ve already got IoT vulnerabilities throughout your network waiting to let a new generation of hackers in. Hospital standards like wireless tags, connected imaging machines, and remote patient monitoring systems all fall under the category of IoT and can make a serious impact on your security risk profile.
To make sure your IoT investments are more return than risk, keep up with the National Institute of Standards and Technology’s Cybersecurity for IoT program. It provides ongoing education and updated guidance on managing IoT challenges.
While you’re evaluating your IoT risk, be sure not to overlook legacy systems that might not be IoT-ready, especially surprisingly vulnerable endpoints like printers, which can easily be upgraded to smart, secure versions that help to keep your network up to date.
3. You’re suffering from alarm fatigue
The forces that are digitizing healthcare have to be monitored, but if you and your team find yourself inundated with alarms, notifications, and flags, you’re more at risk of waving off a real threat to your network security when it comes knocking.
It’s a common issue in healthcare IT and IT at large, but not one that can be overlooked. Johns Hopkins actually recommends a list of specific tools for combating alarm fatigue, including algorithms for alarm escalation and alarm filtering to smartphones and devices. They’ve also developed guidelines around the following:
- Appropriate alarm settings
- Effective notification channels
- Actionable alarm information
- Clear and timely response protocols
- Proper staff training
Beyond that, consider creating your own, custom guidelines that fit the alarm fatigue issues in your organization. It may be a matter of taking an afternoon to tune your email notifications and turn off anything that constitutes “noise” so that the real threats stand out. It’s your responsibility as an IT leader to ensure that you and your staff don’t get desensitized to the alerts that are designed to help you.
4. You’ve recently gone through changes
Mergers, acquisitions, new diagnostic equipment, a shift in work-from-home policies—any of these changes could mean that your network needs have evolved to the point where you’re just one incident or executive whim away from your network security and IT staff being put to the test.
If you’ve gone through any of these changes recently and your network hasn’t really budged, it’s time to look at strengthening the foundation of your risk management. And while you’re evaluating solutions to complement your new approach to risk management, make sure you look for partners who understand the changes your organization has experienced and whose solutions align with your needs.
Whatever red flags you’re seeing, take the time to catch up with newer smart solution options around firewalls, servers, cloud-based offerings, and secure endpoints. You’ll be glad you made the choice to upgrade before it was made for you.