Day: August 3, 2016

IT Security and Healthcare

According to IBM Security, almost 100,000,000 healthcare records were compromised in 2015. Data breaches are a serious problem across industries, especially in healthcare. We are all at risk from our healthcare records being hacked. The article Why change management needs review by IT security  addresses the “elephant in the room” by recommending that the IT department participate in change management policies and procedures.

“Investigations conducted by the HHS Office for Civil Rights often reveal that healthcare organizations fail to implement policies and procedures to prevent security violations or effectively manage risk1.”

The graph below display the healthcare hacks by type. Malware, physical theft, human error and phishing can all be reduced through IT security training. Educating users is key. Phishing attacks can be thwarted by educating users not to open email attachments and hyperlinks from unknown senders. In addition, malware can be reduced through monitoring and maintaining servers and computers.

Healthcare Attacks by Type

Here are the recommendations for key steps in an effective change management process1:

  • Document and implement a change management policy and procedure and ensure the process oversees and monitors all changes to existing and new technologies such as servers, desktops, applications and databases.
  • Establish a detailed process flow for applying the change with back-out plans and integrate security reviews prior to a change and post introduction to validate installation is consistent with security requirements.
  • Define and assign roles and responsibilities to coordinate, document, communicate and approve change requests and ensure that only those individuals authorized to carry out a change, has the relevant access and that all necessary approvals are received prior to a change being introduced.
  • Establish and regularly assemble a Change Advisory Board, composed of technical and business membership, while communicating change plans to all stakeholders within a reasonable time prior to the scheduled change.
  • Test the change in a non-production environment prior to implementing any change in the production environment.
  • Ensure the asset inventory is updated whenever a technology is added, modified or removed from the environment, including the installation of software and software patches to provide an accurate and complete view of organizational assets.
  • Provide ongoing training and communications to ensure users thoroughly understand and follow the change management process and its value to the organization.
  • Track approvals, decisions and variances in a change management repository including the associated rationale behind decisions made and ensure all changes are carefully documented.
  • Establish metrics to provide a process baseline, determine the effect of process improvements, identify areas where the process may be ineffectual or broken, and assess improvements that could make the process more effective or efficient.

If you are unsure whether or not your company is HIPPA compliant contact Zerofail Southeast for an assessment at info@zerofailse.com.

1 http://www.healthdatamanagement.com/opinion/why-change-management-needs-review-by-it-security

Advertisements

Tech Terms: FSB

Stands for “frontside bus.” The FSB connects the computer’s processor to the system memory (RAM) and other components on the motherboard. These components include the system chipset, AGP card, PCI devices, and other peripherals. Because the FSB serves as the main path from the processor to the rest of the motherboard, it is also called the “system bus.”

The speed of the frontside bus is measured in Megahertz or Gigahertz, just like the processor. Most computers’ processors run faster than their system buses, so the FSB speed is typically a ratio of the processor speed. For example, a Pentium 4 processor that runs at 2.4 GHz may have an FSB speed of only 400 MHz. The CPU to FSB ratio would be 6:1. A Power Mac G5, however, with a 2.0 GHz processor, has a 1.0 GHz frontside bus. Therefore, its CPU to FSB ratio is 2:1.

The smaller the ratio, the more efficiently the processor can work. Therefore, faster frontside bus speeds lead to faster overall performance. When the CPU to FSB ratio is high, the processor often has to wait for data to be sent out over the system bus before getting new data to process. For this reason, the FSB can be a bottleneck in a computer’s performance. So if you are looking for a fast computer, don’t just check the processor speed, but find out what the frontside bus speed is as well.

Source: http://techterms.com/definition/fsb