- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
The Shift to Security Implementation in a HealthCare facility
- Abstract
- There are a number of challenges presented to healthcare facilities as they begin the shift to implementing Information Security. One of these is that they have often been among the first to adopt new technologies. With new technologies there are always unknown issues that present themselves over time. If not addressed, these can often result in nullifying any advantage gained from early adoption. One such liability with Information Technology is a sometimes-inherent insecurity. As an early adopter of new information technologies and systems, a healthcare facility will often find itself assuming inherent security vulnerabilities, which are either not yet known or not yet addressed by industry. Another challenge is that many healthcare Information Technology vendors build systems focusing on health services with little, if any, consideration to security risks. While new government mandates are affecting a shift in this approach, there are still many systems in place that were designed and installed without thought of security. This issue is compounded by the fact that many purchase decisions are made by those who, while understanding the healthcare provided, do not understand the underlying technologies and security issues presented by their implementation.