Health IT tip of the day: 'Magic' is a data protection strategy that doesn't work

Spending millions on the latest technology might seem useful, but it is effectively useless.

Mike Baker, Founder and Principal at Mosaic451 in Phoenix, Ariz.: Compliance is a necessity and critically important, but here's the big disconnect: Healthcare organizations should be devoting more resources to security for availability and for confidentiality. Organizations fall short and expose themselves to cyberattack when they over-rely on "magic and widgets." Most companies will buy the widget because something must be made to work to comply with the latest regulations. Spending millions on the latest technology might seem useful, but it is effectively useless.

Many organizations check boxes on the HIPAA compliance checklist rather than look at the operations as a critical network and seek ways to defend it. There is a very human desire to buy something tangible. Technology alone often attracts people who want to avoid responsibility. It's the short-term easy fix.

For healthcare organizations serious about protecting assets, the brightest minds must be deployed, and the toolset utilized is secondary to the core intellectual capital that must be developed. This is where a managed services provider comes into play. The best MSPs are those with a hybrid approach of remote and onsite engineers. If there aren't people onsite, they don't understand how information moves in times of crisis. Nothing can replace face-to-face interaction.

More articles on health IT:

Jumping ship: Why hospitals switch EHR vendors & how to handle the aftermath
Epic and Cerner: 8 key points about company growth
10 most-read health IT stories of October

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months