7 Tools To Tighten Healthcare Data Security

Most of the largest healthcare data security and privacy breaches have involved lost or stolen mobile computing devices. Consider these tools and tips for protecting patient data and managing breaches.




Smartphones, tablets, and other mobile devices can help facilitate better communication and more extensive patient-caregiver interaction. But they're also easy to lose and more challenging for IT departments to manage.

In fact, mobile devices--including laptop computers, flash drives, and other portable gear--have been involved with some of the largest Health Insurance Portability and Accountability Act (HIPAA) breaches to date affecting 500 or more individuals, according to the Dept. of Health and Human Services, which tracks those incidents on a data breach reporting website that healthcare players have dubbed, the Hall of Shame.

At the same time, healthcare providers have a lot more to lose besides their reputations when it comes to HIPAA violations: Under the HITECH Act, HHS now can impose penalties of as much as $1.5 million annually per organization--per hospital or doc practice--for violating HIPAA privacy rules.

Unfortunately, many of the largest data and security incidents--as well as large HIPAA breaches involving paper documents--have been caused by human error, according to HHS. But besides improving training of staff about best practices for protecting patient data privacy and security--and not allowing any sensitive data to be stored on mobile devices themselves--healthcare organizations can tap an array of vendors' software and other products to safeguard protected health information. Here's a look at some of those tools.


ID Experts' Radar is a Web-based HITECH incident risk assessment, documentation, and reporting tool that standardizes the process of analyzing, documenting, and reporting privacy-related events in compliance with the HITECH Act.

Radar provides a central repository for all incident-related information and management reporting, including accessing HIPAA-related incidents to determine when notifications are needed or if they need to be reported to the U.S. Department of Health and Human Services.

The product collects and manages supporting data for HHS Office for Civil Rights investigations and is scalable for any size organization.

Shown here is a Radar HITECH risk assessment for a lost thumb drive storage device containing patient information.

Recommended Reading

Patient Data Losses Jump 32%

How Secure Are Your Clinicians' Mobile Devices?

80% Of Doctors Use Mobile Devices At Work

Healthcare CIOs Juggle More Mobile Challenges

Docs Warm Up to EHRs, Patients Want Paper

Stanford Hospital Breach Exposes 20,000 ER Records

App Allows Radiology Diagnosis Via Tablet, Smartphone

Why Can't Patients See Their EHR Data?

Docs Have iPad Fever: Is There A Cure?

9 Mobile Health Apps Worth A Closer Look


With Wavelink Avalanche, network administrators can inventory, deploy, secure, update, and troubleshoot all components of their wireless infrastructure, such as mobile devices, mobile printers, access points and switches.

Healthcare organizations can automate device updates and receive alerts that cover device failures, equipment updates, and unwanted intrusions. Data being transferred to or from devices can be encrypted and devices that are lost or stolen can be remotely locked or wiped clean. Avalanche can help ensure data remains secure for patient confidentiality and compliance with HIPAA regulations.

Recommended Reading

Patient Data Losses Jump 32%

How Secure Are Your Clinicians' Mobile Devices?

80% Of Doctors Use Mobile Devices At Work

Healthcare CIOs Juggle More Mobile Challenges

Docs Warm Up to EHRs, Patients Want Paper

Stanford Hospital Breach Exposes 20,000 ER Records

App Allows Radiology Diagnosis Via Tablet, Smartphone

Why Can't Patients See Their EHR Data?

Docs Have iPad Fever: Is There A Cure?

9 Mobile Health Apps Worth A Closer Look


DigitalPersona Pro Enterprise is a suite of authentication and access management tools that are administered through Microsoft's Active Directory. The product secures user access to data, applications, computers, and networks to help ensure patient information remains secure and accessible only to authorized doctors, nurses, and medical staff.

With DigitalPersona Pro Enterprise, healthcare organizations can enforce and monitor security policies across individual and shared-user computers, all from a single console.

DigitalPersona Pro Enterprise taps Active Directory and Microsoft's tools to provide high scalability and fault tolerance without requiring special server hardware or unfamiliar management interfaces.

Recommended Reading

Patient Data Losses Jump 32%

How Secure Are Your Clinicians' Mobile Devices?

80% Of Doctors Use Mobile Devices At Work

Healthcare CIOs Juggle More Mobile Challenges

Docs Warm Up to EHRs, Patients Want Paper

Stanford Hospital Breach Exposes 20,000 ER Records

App Allows Radiology Diagnosis Via Tablet, Smartphone

Why Can't Patients See Their EHR Data?

Docs Have iPad Fever: Is There A Cure?

9 Mobile Health Apps Worth A Closer Look


While healthcare providers need to protect patient data to comply with HIPAA and HITECH requirements as well as state and local data breach laws, healthcare payers require efficient and reliable security for complex billing and transaction information. Vormetric Data Security for HealthCare helps both healthcare providers and insurers establish and enforce security policies to control and protect sensitive data.

Vormetric Data Security enables providers and insurance carriers to encrypt sensitive data in any file, database, or application--including those in physical, virtual, and cloud infrastructures. Vormetric enforces access controls, reports on who is accessing protected data, and supports all major database platforms and Linux, Unix, and Windows environments.

The Vormetric product provides key management for Transparent Data Encryption available within Oracle and Microsoft SQL Server databases, and includes a secure vault for storing any encryption key. The Vormetric tools allow healthcare organizations to secure sensitive data across business lines and heterogeneous systems.

The product is available as a single appliance, or a double appliance, as shown here.

Recommended Reading

Patient Data Losses Jump 32%

How Secure Are Your Clinicians' Mobile Devices?

80% Of Doctors Use Mobile Devices At Work

Healthcare CIOs Juggle More Mobile Challenges

Docs Warm Up to EHRs, Patients Want Paper

Stanford Hospital Breach Exposes 20,000 ER Records

App Allows Radiology Diagnosis Via Tablet, Smartphone

Why Can't Patients See Their EHR Data?

Docs Have iPad Fever: Is There A Cure?

9 Mobile Health Apps Worth A Closer Look


ForeScout CounterACT offers healthcare IT organizations an automated means to gain real-time visibility and control over all users and devices accessing network resources and sensitive information.

Leveraging a providers' existing infrastructure, the ForeScout CounterACT appliance can identify, assess, and apply appropriate network access controls according to built-in policies based on user, device, system, and application attributes without requiring software running on the endpoint device, including devices such as patient monitoring systems.

From a single console, operators can monitor and report on all network resource access. The product also integrates guest networking, mobile security, and endpoint security capabilities.

Miami Children's Hospital, Nationwide Children's Hospital, and Lehigh Valley Hospital and Health Network are among customers using ForeScout CounterAct.

Recommended Reading

Patient Data Losses Jump 32%

How Secure Are Your Clinicians' Mobile Devices?

80% Of Doctors Use Mobile Devices At Work

Healthcare CIOs Juggle More Mobile Challenges

Docs Warm Up to EHRs, Patients Want Paper

Stanford Hospital Breach Exposes 20,000 ER Records

App Allows Radiology Diagnosis Via Tablet, Smartphone

Why Can't Patients See Their EHR Data?

Docs Have iPad Fever: Is There A Cure?

9 Mobile Health Apps Worth A Closer Look


Good Technology's Good for Enterprise product allows healthcare organizations to protect patent health data and corporate information on mobile devices. The product separates patient and corporate data from employees' personal information and places the data in an encrypted, secure container on a wide range of iPhone, Android and Windows Mobile smartphones and tablets.

This feature--combined with password policy enforcement, preventing cut, copy, and paste from the secure container, and remote wiping--can work together to help reduce the risk of data loss to unsecured consumer applications.

Recommended Reading

Patient Data Losses Jump 32%

How Secure Are Your Clinicians' Mobile Devices?

80% Of Doctors Use Mobile Devices At Work

Healthcare CIOs Juggle More Mobile Challenges

Docs Warm Up to EHRs, Patients Want Paper

Stanford Hospital Breach Exposes 20,000 ER Records

App Allows Radiology Diagnosis Via Tablet, Smartphone

Why Can't Patients See Their EHR Data?

Docs Have iPad Fever: Is There A Cure?

9 Mobile Health Apps Worth A Closer Look

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service