5 ways hospitals can protect IT systems in the era of remote work and telehealth expansion

The COVID-19 pandemic has forced many hospitals to shift employees to remote work and expand telehealth offerings. This has expanded the cybersecurity threat landscape. However, there are steps hospitals can take to ensure their information systems are protected amid shifting work environments.

During a Sept. 10 webinar hosted by Becker's Hospital Review and sponsored by Imprivata, two industry leaders discussed strategies to protect privacy and maintain efficiency within hospital information systems while employees work from home.

The speakers were:

• Matt Erich, vice president of sales engineering, Imprivata
  
  
• Joel Alcon, product marketing manager, Imprivata

The speakers discussed five considerations for hospitals shifting to a more remote workforce and expanding virtual care offerings:

1. Remote workers need access to the same clinical systems they had access to in the hospital. To ensure these systems are protected, hospitals should ensure two-factor authentication is required for employees to gain access to these systems. Mr. Erich said many Imprivata clients are adopting this security measure during the shift to remote work.
   
   
2. Use portals where remote workers can access their cloud-delivered applications as well as their traditional server applications, which are delivered through virtualization technology. If an employee doesn't have access to the same single sign-on technology they did within the hospital's system, hospitals should allow them access to the self-service password tools from the VPN portal.
   
   
3. Adopt virtual desktop infrastructure. Implementing VDI through cloud delivery allows hospitals to adopt this technology very quickly, and they can rapidly scale up as they need, according to Mr. Erich.
   
   
4. Utilize telehealth applications to remotely identity proof prescribers. The Drug Enforcement Administration now allows providers who are prescribing remotely to be identity proved via telehealth applications by electronically signing, entering a password and then using an approved token for two-factor authentication.
   
   
5. Relax some security controls so they don't come into play when a telehealth visit is in progress. Imprivava worked with many of its clients to relax controls that trigger a lock screen or new login request after a period of inactivity so that these don't keep appearing when providers spend time away from their screens during virtual visits, an action Mr. Alcon said many providers are glad they took.

To learn more about Imprivata, click here. To listen to the full webinar, click here.