DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
Current Location:
> This Story

Log in or Register to rate this News Story
Forward Printable StoryPrint Comment




More Voices

Absolute Medical Imaging: A new name in imaging but no shortage of experience We spoke to Jordan Brinker, Will Hengemuhle and John Vartanian to learn more about a new company in mobile imaging, service and equipment

Remembering Dr. Nancy Cappello A patient advocate and champion of breast density awareness has passed away, but not without leaving her mark on the world

Clinical wearables – remaining competitive in an evolving market Insights from Ravi Kuppuraj, Business Leader of Connected Sensing Venture for Philips

Army troops at the border in Texas on Veteran's Day The Jacobus Report

Coon Memorial brings MR in-house with Canon Medical's Vantage Titan 1.5 T scanner Thomas Berryman, lead MR tech at Coon Memorial Hospital discusses the benefits that have come with trading out their mobile trailer for a fixed unit

Q&A with Patrick Flaherty, vice president of operations for BioTronics at UPMC HTM insights on the ways equipment maintenance and purchasing are changing and how that impacts the biomedical team’s role

Q&A with RSNA president Dr. Vijay Rao Discussing the state of radiology today and what to expect at this year's RSNA meeting

Visiting Kansas City for HTMA Mid West The Jacobus Report

John-Philip Galinski

Cybersecurity - How to avoid data breaches

From the August 2015 issue of DOTmed HealthCare Business News magazine
With increasingly sophisticated attacks being carried out and health care getting targeted more and more often, it’s vital that facilities take the steps necessary to ensure their data remain secure.

Usernames and passwords are not even close to enough
Social engineering, phishing, key loggers and a host of other malware and password theft tactics are alive and well. Regardless of the method, the number of data thefts worldwide has grown from “insignificant” to “devastating and frequent” in the past 10 years. By themselves, user credentials have become effectively meaningless.
Story Continues Below Advertisement

Source-Ray, Inc. - Innovations In Portable X-Ray

SRI is a leading Developer, Manufacturer & Supplier of Innovative Portable Imaging Equipment. We offer Lightweight, Agile, Easy to Maneuver Portable X-Ray Systems ideal for maneuvering in tight spaces. Call us at 631-244-8200

The only way to combat password theft is to utilize a physical token that is required in addition to the user credentials: a prox card, a challenge/ response passcode, or ideally a biometric. Access to particularly sensitive data should use a combination of physical tokens.

Data security functions need to be separated from IT
As a CIO for the majority of my career, I can guarantee you that it’s human nature, and especially so for IT people, to try to make their work lives as effective and efficient as possible. Unfortunately that often translates to providing both themselves as well as the users that they support with streamlined access to data. If they don’t provide streamlined access, they become “those guys that make our lives miserable.”

Not only is this unfair to your IT staff, it’s completely unrealistic. Network and data security are not part time jobs. Hackers are hackers full time. They don’t just dabble. Hackers are passionate and driven. Therefore, you need security staff that are just as passionate, driven, and dedicated as the hackers that they’re defending you from.

Security staff should be separated from the rest of your IT team and should report directly to the head of your IT operation, either the CIO or CTO. In fact, there is a strong case for having your chief of information security report directly to the COO. And here’s why: Your IT organization is tasked with the 24x7 job of ensuring that everything runs smoothly and without any downtime. When presented with a project that may result in a short-term security risk but will get the project done more quickly, it’s far too easy to rationalize the risk away.

Data security policies and procedures need to be elevated to a primary function even ahead of project completion. Is continual progress important? Absolutely! But one data breach can wipe out several years of successful project completion. Your security team should be running usage reports, auditing activities, and performing usage and trend analysis, down to individual users, to really understand the data flow within your organization.
  Pages: 1 - 2 >>


You Must Be Logged In To Post A Comment

Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Gold Service Dealer Program
Receive RFP/PS
Healthcare Providers
See all
HCP Tools
A Job
Parts Hunter +EasyPay
Get Parts
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to, Inc. Copyright ©2001-2018, Inc.