This is one I have seen first hand as a vendor at hospitals, walking in and seeing stuff like Lime Wire on hospital PCs. It makes you think why in the world would an IS manager bring a computer into the active directory access without placing the unit under group policy, yes have seen that and even just as a vendor I removed LimeWire and figured I would deal with any anger later when I told the IS department what I did, and actually they should be thankful for the act. I have seen computers on medical networks with not anti virus protection too, again another slip on someone’s part. Some hospitals too still allow doctors to bring in USB flash drives too, which again is asking for trouble.
Hospitals and some doctor’s offices still don’t take this seriously and security breaches and identity theft continue on due to ignorance or improper procedures not followed. What amazes me sometimes is the anger the results from security ignorance too when I try to explain why. The same employees that work at a doctor’s office are usually patients there to and expose themselves and their records at the same time, and they still see the computer as their own. I tell employees this is the company computer, your computer is at home. BD
Despite new federal laws to protect the privacy of medical files, many hospitals are ill-prepared to prevent security breaches that may result in patient records being stolen, lost or misused, a new survey shows.
Three in four hospitals and health organizations said medical records of patients had been put at risk of improper disclosure "due to inadequate security controls, policies or procedures," according to the survey released Thursday at a meeting of government health information planners in Washington.
Yet the survey released on Thursday found that many hospitals lack even basic tools to encrypt health care data as a means to prevent its misuse or theft. Fewer than half said they encrypt records they store, while just two-thirds use encryption techniques when sending health records over the Internet.