Healthcare security should start with identity
Despite millions of dollars in potential fines, declining reputation and lost productivity, security spending in most hospitals still averages less than 4% of their total IT budgets. That’s according an article by Healthcare Informatics, which consisted of data gathered by KLAS Research and CHIME. The same report further outlined the state of provider preparedness when it comes to protecting sensitive health data.
Merely 16% of surveyed organisations reported having “fully functional” security programs. While another 43% admitted to either not having a security program or still developing one. Furthermore, only four out of 10 organisations have a vice president or C-level official in charge of cybersecurity. And finally, less than two thirds said security is discussed quarterly at board meetings.
These numbers suggest most providers still have a long way to go when it comes to addressing the reality of cyber security in 2017. That said, where should you start and where will you get the most bang for your buck? The answer is to start with identity where there are significant business benefits.
While news headlines are focused on unwanted intrusions by outsiders, it is important to remember approximately half of all healthcare data breaches in 2016 were attributed to insiders, whether due to malicious intent or by accident. And who are the insiders? They are clinical and operational employees, contractors, vendors and partners—all of whom require access to your data as part of their regular workflow.
- Ottawa Hospital: Transforming health care from the inside out
- MyHealth Centre: Quality patient experience
- Apollo Hospitals: Personalizing healthcare with technology
By placing identity at the centre of a hospital’s or health system’s cybersecurity program, you gain complete visibility and control over who has access to critical applications and data, including the EHR system. When done properly, managing access will strike a perfect balance between the need for strong security and the need for streamlined clinical and operational workflow. Ultimately, this enables providers to focus on what they do best—delivering patient care.
Molina Healthcare, for instance, has 20,000+ employees and a complex hybrid-IT environment with applications running in the data centre and in the cloud. Aligning security efforts around identity enabled them to implement a self-service access request process, which streamlined IT processes and reduced business-user frustration by speeding delivery of access to applications and data. Furthermore, because claims processing is a large part of Molina’s business, speeding up this process has provided great value to the organisation. Finally, because identity became a central focus, IT gained visibility into who has access to what data, and the ability to ensure users have the right access to the right data at the right time.
For healthcare providers, Molina serves as a great example of how identity governance and access management not only helps providers secure sensitive health data, it streamlines clinical and operational workflows.
On the rise: Jack Nathan Health
Canadian healthcare company Jack Nathan Medical Corp has announced a major expansion in Mexico, with the opening of 153 new medical clinics in Walmart stores under the brand name Jack Nathan Health.
The company say these will be located in areas that would benefit from increased medical services, which will include telemedicine options and family health.
This is the company's largest expansion since it was founded in 2006, and will give Jack Nathan Health a significant presence as a healthcare provider in Mexico, bringing the company's total clinics to the Central American country to 203.
Leading healthcare in Canada
Jack Nathan Medical Corp is one of Canada’s largest healthcare networks, providing primary, dental and urgent care. Thanks to its partnership with Walmart Canada, it operates clinics in 76 Walmart stores across the country.
A key part of the company's strategy is the use of technology to drive patient and practitioner engagement. Its online platform offers e-prescribing, patient scheduling and a virtual consultation service, which was developed quickly to enable access to healthcare professionals during the pandemic, as well as COVID-19 screening.
In November 2020 the company appointed digital health expert Serge Cinelli as its new Chief Technology Officer, to help roll out Jack Nathan's proprietary technology. Following this, in January this year it acquired Writi, a software firm.
Revolutionising healthcare with technology
Writi's Virtual Healthcare solution is a cloud-based medication-management platform aimed at elderly care providers, and is available on mobile devices and web platforms. It is used by TELUS Health among others, the health division of one of Canada's largest telecommunications companies.
The acquisition of Writi formed part of Jack Nathan Health's technology roadmap, which includes bringing hospital-quality care to the home.
As well as trading on the Toronto Venture Stock Exchange, earlier this year Jack Nathan began trading shares on the OTCQB, a leading American market for early stage and developing companies.
Commenting on the recent expansion throughout Mexico, Chairman and Chief Executive Officer George Barakat said: "Jack Nathan Health, in partnership with Walmart, is now positioning itself to become the largest physician serviced healthcare network in Mexico.
"We believe that we are going to revolutionise healthcare as we embark on this historic growth phase.”