EProtex Identifies Hidden Risks Leading to HIPAA Violations
Medical devices with Windows® operating systems are most susceptible
Indianapolis, IN (PRWEB) January 6, 2011
eProtex, a data security company specializing in the hidden risks of connected medical devices, announced today its finding of serious—yet easily missed—security threats in health IT networks that could lead to mounting HIPAA violations.
HIPAA Security Rules require appropriate administrative, physical and technical safeguards to ensure the confidentiality and integrity of electronic protected health information (ePHI). While every healthcare provider has some sort of security protection for their networks, independent audits reveal an area almost always overlooked: medical devices connected to the network. Any devices that store, generate or transmit ePHI are vulnerable to viruses, security breaches (whether intentional or accidental) and other troubling repercussions, from hefty fines to patient misdiagnoses and diversion.
From cath lab equipment to CT scanners, monitors, IV pumps, MRIs and smart beds, any device transmitting data to a network is a potential target or launch pad for security breaches if left unprotected. The most vulnerable devices are typically those using a Microsoft Windows® operating system—approximately 50 percent of medical devices—because it is the easiest for hackers to infiltrate. Unless managed regularly, such devices could become infected and spread viruses or malware to the entire network.
“You don’t think it will happen to you,” explained Earl Reber, Executive Director for eProtex. “Then, you read the news of it happening to your peers on an almost daily basis.” In 2009, nearly 80 million health records were breached from threats that were not properly assessed, according to the Privacy Rights Clearinghouse. “Healthcare leaders can no longer afford not to have a firm grasp on these blind spots,” added Derek Brost, the company’s chief security officer.
How can healthcare providers combat such risks? Reber and Brost advise a comprehensive assessment of all devices on their network, coupled with a security system specifically designed to shield networked devices. It’s advice worth heeding: just one year after its inception, eProtex solutions are being adopted by nearly 100 hospitals throughout the U. S.
About eProtex
Founded in 2009, eProtex is the nation’s first data security company specializing in the hidden risks of connected medical devices. As such, the company offers customized, all-inclusive solutions to fit healthcare providers’ unique needs and resources—from large, multi-location hospital networks to small, independent doctor offices and medical centers. Built by the healthcare community for the healthcare community, eProtex is a member of Ascension Health, the nation’s largest nonprofit healthcare system. [eProtex. com]
# # #
